Intrusion PreventionHTTP.URI.SQL.Injection
Description
This indicates an attempt to exploit a SQL-injection vulnerability through HTTP requests.
The vulnerability is a result of the application's failure to check user supplied input before using it in an SQL query. As a result, a remote attacker can send a crafted query to execute SQL commands on a vulnerable server.
Affected Products
This is a generic signature against web-based SQL injections.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest patch to the vulnerable software.
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2025-10-16 | 34.102 |
Modified
|
Sig Added |
| 2025-01-30 | 29.946 |
Modified
|
Sig Added |
| 2024-02-26 | 26.739 |
Modified
|
Sig Added |
| 2023-12-20 | 26.700 |
Modified
|
Sig Added |
| 2023-03-28 | 23.521 |
Modified
|
Sig Added |
| 2023-02-22 | 22.500 |
Modified
|
Sig Added |
| 2023-02-01 | 22.487 |
Modified
|
Sig Added |
| 2023-01-09 | 22.471 |
Modified
|
Sig Added |
| 2023-01-04 | 22.469 |
Modified
|
Sig Added |
| 2022-07-15 | 21.357 |
Modified
|
Sig Added |
| ID | 15621 |
| Created | Jun 10, 2008 |
| Updated | Oct 16, 2025 |
| Risk |
|
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | All |
| Profile Type | SQL Injection |