scores.sqli = 100 scores.xss = 100 scores.rce = 100 blacklistParam(url='/\/wp\-admin[\/]+admin\-ajax\.php/i', param=request.queryString['action']) blacklistParam(url='/\/wp\-admin[\/]+admin\-ajax\.php/i', param=request.queryString['img']) blacklistParam(url='/\/wp\-admin[\/]+admin\-ajax\.php/i', param=request.body['action']) blacklistParam(url='/\/wp\-admin[\/]+admin\-ajax\.php/i', param=request.body['img']) blacklistParam(url='/.*/', param=request.body['nsextt']) blacklistParam(url='/\/uploadify\.php$/i', param=request.fileNames['Filedata']) blacklistParam(url='/.*/', param=request.fileNames['yiw_contact']) blacklistParam(url='/\/license\.php$/i', param=request.fileNames['filename']) blacklistParam(url='/\/wp\-admin[\/]+admin\-ajax\.php$/i', param=request.fileNames['update_file']) blacklistParam(url='/tiny_mce[\/]+plugins[\/]+tinybrowser[\/]+upload_file\.php$/i', param=request.fileNames['Filedata']) blacklistParam(url='/elfinder[\/]+php[\/]+connector\.minimal\.php$/i', param=request.fileNames['upload']) whitelistParam(url='/.*/', param=request.body['excerpt']) whitelistParam(url='/wp-comments-post\.php$/i', param=request.body['comment'], rules=[3, 12]) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['content']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['data']) whitelistParam(url='/\/wp\-load\.php$/i', param=request.body['params']['files'], rules=[9]) whitelistParam(url='/\/wp-admin\/(?:network\/)?(?:plugin(?:s|-install)|edit)\.php$/i', param=request.queryString['s']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['whitelistedPath']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['whitelistedParam']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['oldWhitelistedPath']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['oldWhitelistedParam']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['newWhitelistedPath']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['newWhitelistedParam']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['bannedURLs']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['scan_include_extra']) whitelistParam(url='/\/wp-admin\/(?:network\/)?(?:plugin|theme)-editor\.php$/i', param=request.body['newcontent']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['widget-text']) whitelistParam(url='/.{0,1}/', param=request.queryString['_wp_http_referer']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.queryString['plugin']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.queryString['action']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.queryString['checked']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.body['action']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.body['checked']) whitelistParam(url='/\/wp-admin\/(?:network\/)?plugins\.php$/i', param=request.body['submit']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['blogname']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['blogdescription']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['siteurl']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['home']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['admin_email']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['moderation_keys']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['blacklist_keys']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['permalink_structure']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['category_base']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['tag_base']) whitelistParam(url='/\/wp-admin\/edit-comments\.php$/i', param=request.queryString['s']) whitelistParam(url='/\/wp-login\.php$/i', param=request.body['log']) whitelistParam(url='/\/wp-login\.php$/i', param=request.body['pwd']) whitelistParam(url='/\/wp-login\.php$/i', param=request.body['redirect_to']) whitelistParam(url='/\/wp-admin\/network\/(?:user|site)s\.php$/i', param=request.queryString['s']) whitelistParam(url='/\/wp-admin\/network\/site-new\.php$/i', param=request.body['blog']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['deletedWhitelistedPath']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['deletedWhitelistedParam']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['itsec_global']['log_location']) whitelistParam(url='/\/wp-admin\/options\.php$/i', param=request.body['itsec_backup']['location']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['dir']) whitelistParam(url='/(?:lint|import)\.php$/i', param=request.body['sql_query']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['divi_integration_body']) whitelistParam(url='/\/wp-admin\/admin-ajax\.php$/i', param=request.body['divi_integration_head']) whitelistParam(url='#wp\-admin/+options\-general.php$#i', param=request.body['options']['modules']['ga_code'], rules=[9]) whitelistParam(url='#importbuddy\.php$#i', param=request.fileNames, rules=[76]) sqliRegex = '/(?:[^\w<]|\/\*\![0-9]*|^)(?: @@HOSTNAME| ALTER|ANALYZE|ASENSITIVE| BEFORE|BENCHMARK|BETWEEN|BIGINT|BINARY|BLOB| CALL|CASE|CHANGE|CHAR|CHARACTER|CHAR_LENGTH|COLLATE|COLUMN|CONCAT|CONDITION|CONSTRAINT|CONTINUE|CONVERT|CREATE|CROSS|CURRENT_DATE|CURRENT_TIME|CURRENT_TIMESTAMP|CURRENT_USER|CURSOR| DATABASE|DATABASES|DAY_HOUR|DAY_MICROSECOND|DAY_MINUTE|DAY_SECOND|DECIMAL|DECLARE|DEFAULT|DELAYED|DELETE|DESCRIBE|DETERMINISTIC|DISTINCT|DISTINCTROW|DOUBLE|DROP|DUAL|DUMPFILE| EACH|ELSE|ELSEIF|ELT|ENCLOSED|ESCAPED|EXISTS|EXIT|EXPLAIN|EXTRACTVALUE| FETCH|FLOAT|FLOAT4|FLOAT8|FORCE|FOREIGN|FROM|FULLTEXT| GRANT|GROUP|HAVING|HEX|HIGH_PRIORITY|HOUR_MICROSECOND|HOUR_MINUTE|HOUR_SECOND| IFNULL|IGNORE|INDEX|INFILE|INNER|INOUT|INSENSITIVE|INSERT|INTERVAL|ISNULL|ITERATE| JOIN|KILL|LEADING|LEAVE|LIMIT|LINEAR|LINES|LOAD|LOAD_FILE|LOCALTIME|LOCALTIMESTAMP|LOCK|LONG|LONGBLOB|LONGTEXT|LOOP|LOW_PRIORITY| MASTER_SSL_VERIFY_SERVER_CERT|MATCH|MAXVALUE|MEDIUMBLOB|MEDIUMINT|MEDIUMTEXT|MID|MIDDLEINT|MINUTE_MICROSECOND|MINUTE_SECOND|MODIFIES| NATURAL|NO_WRITE_TO_BINLOG|NULL|NUMERIC|OPTION|ORD|ORDER|OUTER|OUTFILE| PRECISION|PRIMARY|PRIVILEGES|PROCEDURE|PROCESSLIST|PURGE| RANGE|READ_WRITE|REGEXP|RELEASE|REPEAT|REQUIRE|RESIGNAL|RESTRICT|RETURN|REVOKE|RLIKE|ROLLBACK| SCHEMA|SCHEMAS|SECOND_MICROSECOND|SELECT|SENSITIVE|SEPARATOR|SHOW|SIGNAL|SLEEP|SMALLINT|SPATIAL|SPECIFIC|SQLEXCEPTION|SQLSTATE|SQLWARNING|SQL_BIG_RESULT|SQL_CALC_FOUND_ROWS|SQL_SMALL_RESULT|STARTING|STRAIGHT_JOIN|SUBSTR| TABLE|TERMINATED|TINYBLOB|TINYINT|TINYTEXT|TRAILING|TRANSACTION|TRIGGER| UNDO|UNHEX|UNION|UNLOCK|UNSIGNED|UPDATE|UPDATEXML|USAGE|USING|UTC_DATE|UTC_TIME|UTC_TIMESTAMP| VALUES|VARBINARY|VARCHAR|VARCHARACTER|VARYING|WHEN|WHERE|WHILE|WRITE|YEAR_MONTH|ZEROFILL)(?=[^\w]|$)/ix' xssRegex = '/(?: #tags (?:\<|\+ADw\-|\xC2\xBC)(script|iframe|svg|object|embed|applet|link|style|meta|\/\/|\?xml\-stylesheet)(?:[^\w]|\xC2\xBE)| #protocols (?:^|[^\w])(?:(?:\s*(?:&\#(?:x0*6a|0*106)|j)\s*(?:&\#(?:x0*61|0*97)|a)\s*(?:&\#(?:x0*76|0*118)|v)\s*(?:&\#(?:x0*61|0*97)|a)|\s*(?:&\#(?:x0*76|0*118)|v)\s*(?:&\#(?:x0*62|0*98)|b)|\s*(?:&\#(?:x0*65|0*101)|e)\s*(?:&\#(?:x0*63|0*99)|c)\s*(?:&\#(?:x0*6d|0*109)|m)\s*(?:&\#(?:x0*61|0*97)|a)|\s*(?:&\#(?:x0*6c|0*108)|l)\s*(?:&\#(?:x0*69|0*105)|i)\s*(?:&\#(?:x0*76|0*118)|v)\s*(?:&\#(?:x0*65|0*101)|e))\s*(?:&\#(?:x0*73|0*115)|s)\s*(?:&\#(?:x0*63|0*99)|c)\s*(?:&\#(?:x0*72|0*114)|r)\s*(?:&\#(?:x0*69|0*105)|i)\s*(?:&\#(?:x0*70|0*112)|p)\s*(?:&\#(?:x0*74|0*116)|t)|\s*(?:&\#(?:x0*6d|0*109)|m)\s*(?:&\#(?:x0*68|0*104)|h)\s*(?:&\#(?:x0*74|0*116)|t)\s*(?:&\#(?:x0*6d|0*109)|m)\s*(?:&\#(?:x0*6c|0*108)|l)|\s*(?:&\#(?:x0*6d|0*109)|m)\s*(?:&\#(?:x0*6f|0*111)|o)\s*(?:&\#(?:x0*63|0*99)|c)\s*(?:&\#(?:x0*68|0*104)|h)\s*(?:&\#(?:x0*61|0*97)|a)|\s*(?:&\#(?:x0*64|0*100)|d)\s*(?:&\#(?:x0*61|0*97)|a)\s*(?:&\#(?:x0*74|0*116)|t)\s*(?:&\#(?:x0*61|0*97)|a)(?!(?:&\#(?:x0*3a|0*58)|\:)(?:&\#(?:x0*69|0*105)|i)(?:&\#(?:x0*6d|0*109)|m)(?:&\#(?:x0*61|0*97)|a)(?:&\#(?:x0*67|0*103)|g)(?:&\#(?:x0*65|0*101)|e)(?:&\#(?:x0*2f|0*47)|\/)(?:(?:&\#(?:x0*70|0*112)|p)(?:&\#(?:x0*6e|0*110)|n)(?:&\#(?:x0*67|0*103)|g)|(?:&\#(?:x0*62|0*98)|b)(?:&\#(?:x0*6d|0*109)|m)(?:&\#(?:x0*70|0*112)|p)|(?:&\#(?:x0*67|0*103)|g)(?:&\#(?:x0*69|0*105)|i)(?:&\#(?:x0*66|0*102)|f)|(?:&\#(?:x0*70|0*112)|p)?(?:&\#(?:x0*6a|0*106)|j)(?:&\#(?:x0*70|0*112)|p)(?:&\#(?:x0*65|0*101)|e)(?:&\#(?:x0*67|0*103)|g)|(?:&\#(?:x0*74|0*116)|t)(?:&\#(?:x0*69|0*105)|i)(?:&\#(?:x0*66|0*102)|f)(?:&\#(?:x0*66|0*102)|f)|(?:&\#(?:x0*73|0*115)|s)(?:&\#(?:x0*76|0*118)|v)(?:&\#(?:x0*67|0*103)|g)(?:&\#(?:x0*2b|0*43)|\+)(?:&\#(?:x0*78|0*120)|x)(?:&\#(?:x0*6d|0*109)|m)(?:&\#(?:x0*6c|0*108)|l))(?:(?:&\#(?:x0*3b|0*59)|;)(?:&\#(?:x0*63|0*99)|c)(?:&\#(?:x0*68|0*104)|h)(?:&\#(?:x0*61|0*97)|a)(?:&\#(?:x0*72|0*114)|r)(?:&\#(?:x0*73|0*115)|s)(?:&\#(?:x0*65|0*101)|e)(?:&\#(?:x0*74|0*116)|t)(?:&\#(?:x0*3d|0*61)|=)[\-a-z0-9]+)?(?:(?:&\#(?:x0*3b|0*59)|;)(?:&\#(?:x0*62|0*98)|b)(?:&\#(?:x0*61|0*97)|a)(?:&\#(?:x0*73|0*115)|s)(?:&\#(?:x0*65|0*101)|e)(?:&\#(?:x0*36|0*54)|6)(?:&\#(?:x0*34|0*52)|4))?(?:&\#(?:x0*2c|0*44)|,)))\s*(?:&\#(?:x0*3a|0*58)|\:)| #css expression (?:^|[^\w])(?:(?:\\0*65|\\0*45|e)(?:\/\*.*?\*\/)*(?:\\0*78|\\0*58|x)(?:\/\*.*?\*\/)*(?:\\0*70|\\0*50|p)(?:\/\*.*?\*\/)*(?:\\0*72|\\0*52|r)(?:\/\*.*?\*\/)*(?:\\0*65|\\0*45|e)(?:\/\*.*?\*\/)*(?:\\0*73|\\0*53|s)(?:\/\*.*?\*\/)*(?:\\0*73|\\0*53|s)(?:\/\*.*?\*\/)*(?:\\0*69|\\0*49|i)(?:\/\*.*?\*\/)*(?:\\0*6f|\\0*4f|o)(?:\/\*.*?\*\/)*(?:\\0*6e|\\0*4e|n))[^\w]*?(?:\\0*28|\()| #css properties (?:^|[^\w])(?:(?:(?:\\0*62|\\0*42|b)(?:\/\*.*?\*\/)*(?:\\0*65|\\0*45|e)(?:\/\*.*?\*\/)*(?:\\0*68|\\0*48|h)(?:\/\*.*?\*\/)*(?:\\0*61|\\0*41|a)(?:\/\*.*?\*\/)*(?:\\0*76|\\0*56|v)(?:\/\*.*?\*\/)*(?:\\0*69|\\0*49|i)(?:\/\*.*?\*\/)*(?:\\0*6f|\\0*4f|o)(?:\/\*.*?\*\/)*(?:\\0*72|\\0*52|r)(?:\/\*.*?\*\/)*)|(?:(?:\\0*2d|\\0*2d|-)(?:\/\*.*?\*\/)*(?:\\0*6d|\\0*4d|m)(?:\/\*.*?\*\/)*(?:\\0*6f|\\0*4f|o)(?:\/\*.*?\*\/)*(?:\\0*7a|\\0*5a|z)(?:\/\*.*?\*\/)*(?:\\0*2d|\\0*2d|-)(?:\/\*.*?\*\/)*(?:\\0*62|\\0*42|b)(?:\/\*.*?\*\/)*(?:\\0*69|\\0*49|i)(?:\/\*.*?\*\/)*(?:\\0*6e|\\0*4e|n)(?:\/\*.*?\*\/)*(?:\\0*64|\\0*44|d)(?:\/\*.*?\*\/)*(?:\\0*69|\\0*49|i)(?:\/\*.*?\*\/)*(?:\\0*6e|\\0*4e|n)(?:\/\*.*?\*\/)*(?:\\0*67|\\0*47|g)(?:\/\*.*?\*\/)*))[^\w]*(?:\\0*3a|\\0*3a|:)[^\w]*(?:\\0*75|\\0*55|u)(?:\\0*72|\\0*52|r)(?:\\0*6c|\\0*4c|l)| #properties (?:^|[^\w])(?:on(?:abort|activate|afterprint|afterupdate|autocomplete|autocompleteerror|beforeactivate|beforecopy|beforecut|beforedeactivate|beforeeditfocus|beforepaste|beforeprint|beforeunload|beforeupdate|blur|bounce|cancel|canplay|canplaythrough|cellchange|change|click|close|contextmenu|controlselect|copy|cuechange|cut|dataavailable|datasetchanged|datasetcomplete|dblclick|deactivate|drag|dragend|dragenter|dragleave|dragover|dragstart|drop|durationchange|emptied|encrypted|ended|error|errorupdate|filterchange|finish|focus|focusin|focusout|formaction|formchange|forminput|hashchange|help|input|invalid|keydown|keypress|keyup|languagechange|layoutcomplete|load|loadeddata|loadedmetadata|loadstart|losecapture|message|mousedown|mouseenter|mouseleave|mousemove|mouseout|mouseover|mouseup|mousewheel|move|moveend|movestart|mozfullscreenchange|mozfullscreenerror|mozpointerlockchange|mozpointerlockerror|offline|online|page|pagehide|pageshow|paste|pause|play|playing|popstate|progress|propertychange|ratechange|readystatechange|reset|resize|resizeend|resizestart|rowenter|rowexit|rowsdelete|rowsinserted|scroll|search|seeked|seeking|select|selectstart|show|stalled|start|storage|submit|suspend|timer|timeupdate|toggle|unload|volumechange|waiting|webkitfullscreenchange|webkitfullscreenerror|wheel)|data\-bind|ev:event)[^\w] )/ix' if (notEquals('', request.body.ure_other_roles) and match('#/wp\-admin/(network/)?(profile|user-new)\.php#i', request.path) and currentUserIsNot('administrator', server.empty)): block(id=18, category='priv-esc', description='User Roles Manager Privilege Escalation <= 4.24', whitelist=0) if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and equals('update-plugin', request.body.action, request.queryString.action) and match('/(^|\/|\\|%2f|%5c)\.\.(\\|\/|%2f|%5c)/i', request.body, request.queryString)): block(id=66, category='dos', description='WordPress Core <= 4.5.3 - DoS') if ((match('#/wp\-admin/(network/)?(post|profile|user-new|settings)\.php$#i', server.script_filename)) or (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and (equals('wordfence_loadLiveTraffic', request.body.action) or equals('wordfence_ticker', request.body.action) or (currentUserIs('administrator', server.empty) and (equals('install-plugin', request.body.action) or equals('update-plugin', request.body.action) or equals('delete-plugin', request.body.action) or equals('search-plugins', request.body.action) or equals('search-install-plugins', request.body.action) or equals('activate-plugin', request.body.action) or equals('update-theme', request.body.action) or equals('delete-theme', request.body.action) or equals('install-theme', request.body.action)))))): allow(id=1, category='whitelist', description='Whitelisted URL') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and (((equals('revslider_show_image', request.queryString.action) or equals('nopriv_revslider_show_image', request.queryString.action)) and match('/\.php$/i', request.queryString.img)) or ((equals('revslider_show_image', request.body.action) or equals('nopriv_revslider_show_image', request.body.action)) and match('/\.php$/i', request.body.img)))): block(id=2, category='lfi', description='Slider Revolution: Local File Inclusion', whitelist=0) if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and (((equals('revslider_ajax_action', request.queryString.action) or equals('nopriv_revslider_ajax_action', request.queryString.action)) and equals('update_plugin', request.queryString.client_action)) or ((equals('revslider_ajax_action', request.body.action) or equals('nopriv_revslider_ajax_action', request.body.action)) and equals('update_plugin', request.body.client_action))) and currentUserIsNot('administrator', server.empty)): block(id=60, category='file_upload', description='Slider Revolution: Arbitrary File Upload', whitelist=0) if (match('/dzs\-videogallery[\/]+admin[\/]+(?:playlist|tag)seditor[\/]+popup\.php/', request.path) and contains('\'', request.queryString.initer)): blockXSS(id=15, category='xss', description='dzs-videogallery 8.80 XSS HTML injection in inline JavaScript', whitelist=0) if (match('/simple-ads-manager[\/]+sam-ajax-loader\.php/', request.path) and match(sqliRegex, base64decode(request.body.wc))): block(id=16, category='sqli', description='Simple Ads Manager <= 2.9.4.116 - SQL Injection', whitelist=0) if (match('/gwolle\-gb[\/]+frontend[\/]+captcha[\/]+ajaxresponse\.php/', request.path) and match('/.*/', request.queryString.abspath)): block(id=17, category='rfi', description='Gwolle Guestbook <= 1.5.3 - Remote File Inclusion', whitelist=0) if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and ((currentUserIsNot('administrator', server.empty) and md5Equals('9074dbf9b7e456eb88fbc7230567f54b', request.body.action, request.queryString.action)) or (currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and currentUserIsNot('contributor', server.empty) and (md5Equals('49e2f0e45d9672ef2125965277c49344', request.body.action, request.queryString.action) or md5Equals('32d93c4d8c0a9367f2da487238b141cc', request.body.action, request.queryString.action))))): block(id=19, category='sde', description='Yoast Wordpress SEO <= 3.1.2 - Sensitive Data Exposure') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and md5Equals('5c9fefc9f24ecfd74addc2eaff8481fc', request.body.action, request.queryString.action) and (currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and currentUserIsNot('contributor', server.empty))): block(id=20, category='auth-bypass', description='WordPress Core <= 4.5.0 - Authentication Bypass') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and equals('nf_async_upload', request.body.action, request.queryString.action) and currentUserIsNot('administrator', server.empty)): block(id=21, category='file_upload', description='Ninja Forms <= 2.9.42 - Arbitrary File Upload') if (notEquals('', request.body.nf2to3) and notEquals('', request.body.update_ninja_forms_settings) and notEquals('', request.body.ninja_forms) and currentUserIsNot('administrator', server.empty)): block(id=22, category='auth-bypass', description='Ninja Forms <= 2.9.42: Missing Authentication Check') if (notEquals('', request.body.nf2to3) and (notEquals('', request.body.nf_export_form, request.queryString.nf_export_form) or equals('nf_import_form', request.fileNames)) and currentUserIsNot('administrator', server.empty)): block(id=23, category='auth-bypass', description='Ninja Forms <= 2.9.42: Missing Authentication Check') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and match('/^CF[0-9a-f]+$/i', request.body.form) and (md5Equals('91718ce4540ea4492190efd99f7fa6c2', request.body.action, request.queryString.action) or md5Equals('ab202c0ef9012b9b64798d6361419609', request.body.action, request.queryString.action))): block(id=24, category='sde', description='Caldera Forms <= 1.3.5 - Sensitive Data Exposure') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and md5Equals('82268713c6ea5aec38c946035be94678', request.body.action, request.queryString.action)): block(id=25, category='auth-bypass', description='WP Fastest Cache <= 0.8.5.6 - Authorization Bypass') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and md5Equals('2d46446beaeec1c0fd44fbbe228b0c21', request.body.action, request.queryString.action)): block(id=26, category='auth-bypass', description='WP Fastest Cache <= 0.8.5.6 - Authorization Bypass') if (match('/\/wp\-admin[\/]+admin\.php/i', request.path) and ((md5Equals('8fe5104833b48c11b4c6a3e611e3f544', request.queryString.page) and lengthGreaterThan('0', request.body.page)) or (md5Equals('d2cb1ebf7e72e3749053af2966d8946c', request.queryString.page) and lengthGreaterThan('0', request.body.page)) or (md5Equals('2767cc3ede7592a47bd6657e3799565c', request.queryString.page) and lengthGreaterThan('0', request.body.page)) or (md5Equals('cce3df80f07d36b56db4376a4802d6c2', request.queryString.page) and lengthGreaterThan('0', request.body.page)))): block(id=27, category='xss', description='HDW Player Plugin <= 3.4 - Reflected XSS') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and md5Equals('69301e541e806abf94827302f94bb4cc', request.body.action, request.queryString.action) and notMatch('/^[0-9]+$/', request.body.post_id)): block(id=28, category='sqli', description='Google SEO Pressor Snippet Plugin <= 1.2.6 - SQL Injection') if (equals('mainwp-setup', request.body.page, request.queryString.page) and currentUserIsNot('administrator', server.empty)): block(id=29, category='xss', description='WPMain Stored XSS <= 3.1.2') if (lengthGreaterThan('0', request.md5Body['3448147ad57606b48fc7a2d1bf946c3f']) and (currentUserIsNot('administrator', server.empty) or notMatch('/^\d+$/', request.md5Body['3448147ad57606b48fc7a2d1bf946c3f']) or (lengthGreaterThan('0', request.md5Body['64adec2d588253e23e718034b1ad140d']) and notMatch('/^\d+$/', request.md5Body['64adec2d588253e23e718034b1ad140d'])) or (lengthGreaterThan('0', request.md5Body.ab494af1a5663f82e0b8b11723b87867) and notMatch('/^\d+$/', request.md5Body.ab494af1a5663f82e0b8b11723b87867)))): block(id=31, category='file_upload', description='EWWW Image Optimizer <= 2.8.0 [Remote Command Execution]') if (match('/\/wp\-admin[\/]+options\.php/i', request.path) and notMatch('/^#?[0-9a-f]+$/i', request.md5Body['9b5354ddf005f69745b19155d2b64725']) and lengthGreaterThan('0', request.md5Body['9b5354ddf005f69745b19155d2b64725'])): block(id=32, category='xss', description='Customize Admin Stored XSS <= 1.6.6') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and ((md5Equals('46f5a89acb206a7f58db187e45fa2a4d', request.body.action) and notMatch('/^(?:country|city)$/ix', request.md5Body['5fc75f82e79d75efb9716109034a3209'])))): block(id=33, category='sqli', description='Kento Post View Counter SQLi <= 2.8') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and ((md5Equals('b33c30f8f27dd4a25de0da3f7be5afad', request.body.action) and match('/[^-:0-9]/', request.md5Body['1e3c6aaf636066719ec996aca10b440c'])))): block(id=34, category='xss', description='Kento Post View Counter Reflected XSS <= 2.8') if (equals('Y', request.body.kentopvc_hidden) and (notMatch('/^1?$/', request.body.kento_pvc_hide) or notMatch('/^1?$/', request.body.kento_pvc_uniq) or match(xssRegex, request.body.kento_pvc_today_text) or match(xssRegex, request.body.kento_pvc_total_text) or match(xssRegex, request.body.kento_pvc_numbers_lang) or notMatch('/^1?$/', request.body.kento_pvc_posttype))): block(id=35, category='xss', description='Kento Post View Counter Stored XSS <= 2.8') if ((match('#/wp\-mobile\-detector[/]+resize\.php#i', request.path) or match('#/wp\-mobile\-detector[/]+timthumb\.php#i', request.path)) and ((lengthGreaterThan('0', request.body.src) and notMatch('/\.(?:png|gif|jpg|jpeg|jif|jfif|svg)$/i', request.body.src)) or (lengthGreaterThan('0', request.queryString.src) and notMatch('/\.(?:png|gif|jpg|jpeg|jif|jfif|svg)$/i', request.queryString.src)))): block(id=36, category='file_upload', description='WP Mobile Detector <= 3.5 - Arbitrary File Upload') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and (currentUserIsNot('administrator', server.empty) or (lengthGreaterThan('0', request.body.id) and notMatch('/^[0-9]+$/', request.body.id))) and equals('populate_download_edit_form', request.body.action, request.queryString.action)): block(id=37, category='sqli', description='Double Opt-In for Download <= 2.0.9 - SQL Injection') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and md5Equals('9082302c5211de15622f1cfab357f521', request.body.action, request.queryString.action)): block(id=38, category='sde', description='WP Maintenance Mode <= 2.0.3 - Sensitive Data Exposure') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and md5Equals('002138689cdae4fcd6e725bf66e38b7e', request.body.action, request.queryString.action)): block(id=39, category='sde', description='WP Maintenance Mode <= 2.0.3 - Auth Bypass') if (match('#wp\-admin/+options\-general.php$#i', server.script_filename) and md5Equals('dab0846b692865a1f9885ed20d7fd2f7', request.body.page, request.queryString.page) and match('/["\$]/', request.md5Body['93da65a9fd0004d9477aeac024e08e15']['0eb9b3af2e4a00837a1b1a854c9ea18c']['03ae7ca473a366eb6398f7d6239152fa'], request.md5QueryString['93da65a9fd0004d9477aeac024e08e15']['0eb9b3af2e4a00837a1b1a854c9ea18c']['03ae7ca473a366eb6398f7d6239152fa']) and md5Equals('c4ca4238a0b923820dcc509a6f75849b', request.md5Body['93da65a9fd0004d9477aeac024e08e15']['0eb9b3af2e4a00837a1b1a854c9ea18c']['5d0bebf298375c590cd3d8f06528d232'], request.md5QueryString['93da65a9fd0004d9477aeac024e08e15']['0eb9b3af2e4a00837a1b1a854c9ea18c']['5d0bebf298375c590cd3d8f06528d232']) and md5Equals('0eb9b3af2e4a00837a1b1a854c9ea18c', request.md5Body.e7f8cbd87d347be881cba92dad128518, request.md5QueryString.e7f8cbd87d347be881cba92dad128518)): block(id=40, category='rce', description='WP Maintenance Mode <= 2.0.3 - Remote Code Execution') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and equals('rbs_gallery', request.queryString.action, request.body.action) and currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and currentUserIsNot('contributor', server.empty)): block(id=41, category='auth-bypass', description='Robo Gallery <= 2.0.14 - Auth Bypass') if (match('#/wp\-admin[/]+admin\-ajax\.php#i', request.path) and currentUserIsNot('administrator', server.empty) and md5Equals('53ce229902e6621b2723cbb0908123f7', request.body.action, request.queryString.action) and md5Equals('0c0c8667d3d4f9c86cbc49e0e345e206', request.body.type, request.queryString.type)): block(id=42, category='file-download', description='Memphis Documents Library <= 3.4.5 - Unauthenticated Arbitrary File Download') if (lengthGreaterThan('0', request.md5QueryString['932d0cf39a5aa4fc1c3faddaf42e8325']) and notMatch('/^[0-9]*$/', request.md5QueryString['58f627ddac2040609edf8ccd8c406fef'])): block(id=43, category='lfi', description='SEO by SQUIRRLY <= 6.1.0 - Local File Inclusion') if (match('#/wp\-admin/#i', request.path) and currentUserIsNot('administrator', server.empty) and (md5Equals('c12e6c914ed9a7bbeca851684096ac94', request.body.action, request.queryString.action) or md5Equals('eadf52d0c96eb78634b8d939a66fb96f', request.body.action, request.queryString.action) or md5Equals('affcac9194a01c0146937eac49f5bd9f', request.body.action, request.queryString.action))): block(id=44, category='auth-bypass', description='SEO by SQUIRRLY <= 6.1.0 - Auth Bypass') if (currentUserIsNot('administrator', server.empty) and (identical('', request.md5Body.c4e0bb93e05f5345cde016b6825a904c) or lengthGreaterThan('0', request.md5Body.c4e0bb93e05f5345cde016b6825a904c))): block(id=45, category='auth-bypass', description='DELUCKS SEO <= 1.3.9 - Unauthorized Options Update') if (match('/\/wp\-admin[\/]+admin\-ajax\.php/i', request.path) and currentUserIsNot('administrator', server.empty) and (md5Equals('44a896976080543c93e1cf8ac2c3c49f', request.body.action, request.queryString.action) or md5Equals('a15a50b6c91bb753e728ffa0cc2911de', request.body.action, request.queryString.action))): block(id=46, category='auth-bypass', description='WiziApp - All in One mobile suite <= 4.1.2 - Auth Bypass') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and currentUserIsNot('administrator', server.empty) and md5Equals('df4b4806fa32e25f927721199f290e61', request.body.action, request.queryString.action)): block(id=47, category='priv-esc', description='Profile Builder <= 2.4.0 - Privilege Escalation') if ((match('/Abonti|aggregator|AhrefsBot|asterias|BDCbot|BLEXBot|BuiltBotTough|Bullseye|BunnySlippers|ca\-crawler|CCBot|Cegbfeieh|CheeseBot|CherryPicker|CopyRightCheck|cosmos|Crescent|discobot|DittoSpyder|DotBot|Download Ninja|EasouSpider|EmailCollector|EmailSiphon|EmailWolf|EroCrawler|Exabot|ExtractorPro|Fasterfox|FeedBooster|Foobot|Genieo|grub\-client|Harvest|hloader|httplib|HTTrack|humanlinks|ieautodiscovery|InfoNaviRobot|IstellaBot|Java\/1\.|JennyBot|k2spider|Kenjin Spider|Keyword Density\/0\.9|larbin|LexiBot|libWeb|libwww|LinkextractorPro|linko|LinkScan\/8\.1a Unix|LinkWalker|LNSpiderguy|lwp\-trivial|magpie|Mata Hari|MaxPointCrawler|MegaIndex|Microsoft URL Control|MIIxpc|Mippin|Missigua Locator|Mister PiX|MJ12bot|moget|MSIECrawler|NetAnts|NICErsPRO|Niki\-Bot|NPBot|Nutch|Offline Explorer|Openfind|panscient\.com|PHP\/5\.\{|ProPowerBot\/2\.14|ProWebWalker|Python\-urllib|QueryN Metasearch|RepoMonkey|RMA|SemrushBot|SeznamBot|SISTRIX|sitecheck\.Internetseer\.com|SiteSnagger|SnapPreviewBot|Sogou|SpankBot|spanner|spbot|Spinn3r|suzuran|Szukacz\/1\.4|Teleport|Telesoft|The Intraformant|TheNomad|TightTwatBot|Titan|toCrawl\/UrlDispatcher|True_Robot|turingos|TurnitinBot|UbiCrawler|UnisterBot|URLy Warning|VCI|WBSearchBot|Web Downloader\/6\.9|Web Image Collector|WebAuto|WebBandit|WebCopier|WebEnhancer|WebmasterWorldForumBot|WebReaper|WebSauger|Website Quester|Webster Pro|WebStripper|WebZip|Wotbox|wsr\-agent|WWW\-Collector\-E|Xenu|Zao|Zeus|ZyBORG|coccoc|Incutio|lmspider|memoryBot|SemrushBot|serf|Unknown|uptime files/i', request.headers['User-Agent']) and match(xssRegex, request.headers['User-Agent'])) or (match('/semalt\.com|kambasoft\.com|savetubevideo\.com|buttons\-for\-website\.com|sharebutton\.net|soundfrost\.org|srecorder\.com|softomix\.com|softomix\.net|myprintscreen\.com|joinandplay\.me|fbfreegifts\.com|openmediasoft\.com|zazagames\.org|extener\.org|openfrost\.com|openfrost\.net|googlsucks\.com|best\-seo\-offer\.com|buttons\-for\-your\-website\.com|www\.Get\-Free\-Traffic\-Now\.com|best\-seo\-solution\.com|buy\-cheap\-online\.info|site3\.free\-share\-buttons\.com|webmaster\-traffic\.co/i', request.headers.Referer) and match(xssRegex, request.headers.Referer))): block(id=48, category='xss', description='All in One SEO Pack 2.3.6.1 - Persistent XSS') if (match('/sitemap_.*?<.*?(:?_\d+)?\.xml(:?\.gz)?/i', request.path)): block(id=49, category='xss', description='All in One SEO Pack <= 2.3.7 - Unauthenticated Stored XSS') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and equals('frs_save', request.body.action) and currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty)): block(id=50, category='auth-bypass', description='Fluid Responsive Slideshow <= 2.2.26 - Unauthorized Content Modification') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and currentUserIsNot('administrator', server.empty) and lengthGreaterThan('0', request.md5Body.dfff0a7fa1a55c8c1a4966c19f6da452, request.md5QueryString.dfff0a7fa1a55c8c1a4966c19f6da452) and md5Equals('266e0d3d29830abfe7d4ed98b47966f7', request.body.action, request.queryString.action)): block(id=52, category='file_upload', description='File Manager <= 3.0.0 - Arbitrary File Upload/Download') if (currentUserIsNot('administrator', server.empty) and match('/^(?:lvo_admin_head|lvo_add_new_album|lvo_delete_album|reset_albums|save_lvo_settings|lvo_single_image_upload|lvo_resize_image_and_add|lvo_delete_image|lvo_get_albums_table|lvo_get_albums_images_table|activate|deactivate|lvo_get_album|lvo_get_album_images|get_image|lvo_delete_cache|lvo_reorder_image|lvo_reorder_album|lvo_bulk_delete_albums|lvo_bulk_disable_albums|lvo_bulk_enable_albums|delete_image|lvo_bulk_delete_images|lvo_bulk_disable_images|lvo_bulk_enable_images|lvo_disable_album|lvo_enable_album|lvo_disable_image|lvo_enable_image)$/i', request.body.task, request.queryString.task)): block(id=53, category='file_upload', description='Levo Slideshow <= 2.3 - Arbitrary File Upload') if (match('#/form\-lightbox/ajax\.php$#i', server.script_filename) and currentUserIsNot('administrator', server.empty)): block(id=55, category='auth-bypass', description='Form Lightbox <= 2.1 - Unauthenticated Options Update') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and currentUserIsNot('administrator', server.empty) and equals('dcwss_update', request.body.action, request.queryString.action)): block(id=56, category='auth-bypass', description='WordPress Social Stream <= 1.5.15 - Authenticated Unauthorized Options Update') if (currentUserIsNot('administrator', server.empty) and (md5Equals('8c2e1c2817e3de18e2140498bdd4f7fa', request.queryString.Action) or md5Equals('e12a2417ffbd0ae4010210b596a3f230', request.queryString.Action) or md5Equals('df33bf68ad0288e1547139e02c1e096b', request.queryString.Action) or md5Equals('c000b32f92bbd81b6cbbddd101073e54', request.queryString.Action) or md5Equals('cc61a84091dcc8b9bd6ae35cf48d71ab', request.queryString.Action) or md5Equals('c80c9038bbb5910385decc276e42061e', request.queryString.Action) or md5Equals('b81e270701125a0024db04bebdbcfc2a', request.queryString.Action) or md5Equals('2e563359c1b268da0041c5bf822857a1', request.queryString.Action) or md5Equals('4ba84dbaaafd4e7d98f55e9f093fe65a', request.queryString.Action) or md5Equals('1deb089a44f2962f92c678a451e61142', request.queryString.Action) or md5Equals('6ffa8f3e70a6279866e4b2c16fe18729', request.queryString.Action) or md5Equals('aa1c4fd7fb193a2cd1b0cc9150131b31', request.queryString.Action) or md5Equals('91e590bfc230eb3971ef1bb6b97ef974', request.queryString.Action) or md5Equals('d0e980fd7bc681b3c3085b1ac31024d6', request.queryString.Action) or md5Equals('069dde6f8ea27c8618cc8f6c6703a7c7', request.queryString.Action) or md5Equals('819900411c0d5c99c116bbce137ee04b', request.queryString.Action) or md5Equals('097d5401a3ae688b669f29351b9667de', request.queryString.Action) or md5Equals('81f1bbc03176c4525b8801b0058b309a', request.queryString.Action) or md5Equals('a8072b3a87b49ffea18548f35c6abd8c', request.queryString.Action) or md5Equals('364409901cb1fce968104dce4bf7e4fe', request.queryString.Action) or md5Equals('246c8343383408c8644f31b1f42617ce', request.queryString.Action) or md5Equals('66d87c0a0e2c02192c322c61d9d6990a', request.queryString.Action) or md5Equals('67bfe619d00425b51276ae083ae271a5', request.queryString.Action) or md5Equals('4aaddae320d8aaa8241ffd22693dd546', request.queryString.Action) or md5Equals('141f5901534f2b3092be526cac250bb6', request.queryString.Action) or md5Equals('2b7efaffcb87e027a011c33125585db7', request.queryString.Action) or md5Equals('979e32726f541a1e568557e9eb6554aa', request.queryString.Action) or md5Equals('c252a9eb30d304ba6079376ef5231aad', request.queryString.Action) or md5Equals('75b0967858cf244d4e2654e69b33d2f1', request.queryString.Action) or md5Equals('9cfad494bbf947c2ce316fe96eac396d', request.queryString.Action) or md5Equals('a4a148b325f286e07d9f24e3654e2672', request.queryString.Action) or md5Equals('3863850b63dc41d4e6e8cee097644d18', request.queryString.Action) or md5Equals('8fb62eed357b03c7be735352ab247bbe', request.queryString.Action) or md5Equals('a0380a8020e3a09257a6c67a1fe14627', request.queryString.Action) or md5Equals('b0f145120ec76e700969f63c5af3e8f4', request.queryString.Action) or md5Equals('52f6fc037a9e97f93309b1115882c080', request.queryString.Action) or md5Equals('f2a2c32747d2d49ddf682158eb9a510e', request.queryString.Action) or md5Equals('5caa7c3d6bba5a36798619b0ac4747bb', request.queryString.Action) or md5Equals('a0793408acebd97af0414d46b6705a65', request.queryString.Action) or md5Equals('f605a16b247f81f2eb2fdc097e1e1a19', request.queryString.Action) or md5Equals('ea7348459bf68bf881facb0e5d18ccd7', request.queryString.Action) or md5Equals('c747677e1903fdfffd4108f3347cf5ab', request.queryString.Action) or md5Equals('05c0ea3ee2df67b6bc2f3921c3fe2180', request.queryString.Action) or md5Equals('d986eb29534241e46402c30e678af902', request.queryString.Action))): block(id=57, category='priv-esc', description='Ultimate Product Catalogue <= 3.8.1 - Privilege Escalation') if (match('#includes\/+plugin\-media\-upload\.php$#i', server.script_filename) and currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and currentUserIsNot('contributor', server.empty)): block(id=58, category='file_upload', description='360 Product Rotation <= 1.2.1 - Arbitrary File Upload') if (match(xssRegex, request.headers['Client-IP'], request.headers['X-Forwarded-For'], request.headers['X-Forwarded'], request.headers['X-Cluster-Client-IP'], request.headers['Forwarded-For'], request.headers.Forwarded)): block(id=59, category='xss', description='WordPress Activity Log <= 2.3.1 - Persistent XSS') if (match('#/wp\-admin/admin\-ajax\.php$#i', server.script_filename) and match(sqliRegex, request.body.umm_user, request.queryString.umm_user)): block(id=61, category='sqli', description='User Meta Manager <= 3.4.6 - SQL Injection') if (match('/\/(?:timthumb\.php|img\.php)/i', request.path) and match('/[^A-Za-z0-9\-\.\_:\/\?\&\+\;\=]/', request.queryString.src) and lengthGreaterThan('0', request.queryString.webshot)): block(id=64, category='rce', description='TimThumb <= 2.8.13 - Remote Code Execution') if (match('/\/(?:timthumb\.php|img\.php)/i', request.path) and notMatch('_^[^\?]+?\.(?:jpg|jpeg|gif|png)(?:\?[a-z0-9\-\_\.\~%\!\$&\'\(\)\*\+,;\=\:@\/\?]*)?$_iu', request.queryString.src) and lengthGreaterThan('0', request.queryString.src) and (lengthLessThan('1', request.queryString.webshot) or equals('0', request.queryString.webshot))): block(id=63, category='rfd', description='TimThumb <= 1.33 - Remote File Download') if (currentUserIsNot('administrator', server.empty) and match('/^(?:wysija_)+campaigns/i', request.body.page, request.queryString.page) and (equals('themes', request.body.action, request.queryString.action) or equals('themeupload', request.body.action, request.queryString.action))): block(id=65, category='file_upload', description='MailPoet <= 2.6.7 - Arbitrary File Upload') if (currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and filePatternsMatch('', request.fileNames)): block(id=68, category='file_upload', description='Malicious File Upload (Patterns)') if (currentUserIsNot('administrator', server.empty) and currentUserIsNot('editor', server.empty) and currentUserIsNot('author', server.empty) and fileHasPHP('', request.fileNames)): block(id=76, category='file_upload', description='Malicious File Upload (PHP)') if (matchCount(sqliRegex, request.body, request.queryString)): failSQLi(id=3, category='sqli', score=40, description='SQL Injection') if (matchCount(xssRegex, request.body, request.queryString)): failXSS(id=9, category='xss', score=100, description='XSS: Cross Site Scripting') if (match('/\.(p(h(p|tml)[0-9]?|l|y)|(j|a)sp|aspx|sh|shtml|html?|cgi|htaccess|user\.ini)($|\.)/i', request.fileNames) and currentUserIsNot('administrator', server.empty)): block(id=11, category='file_upload', description='Malicous File Upload') if (match('/(^|\/|\\)(\.\.?(\\|\/)+)+wp\-config\.php/i', request.body, request.queryString) and currentUserIsNot('administrator', server.empty)): block(id=67, category='lfi', description='Directory Traversal - wp-config.php', whitelist=0) if (match('/(^|\/|\\)\.\.(\\|\/)/', request.body, request.queryString) and currentUserIsNot('administrator', server.empty)): block(id=12, category='lfi', description='Directory Traversal') if (match('/^\/(?:\.\/)*(?:var|home|usr|mnt|media|etc|tmp|dev|proc)\//i', request.body, request.queryString) and currentUserIsNot('administrator', server.empty)): block(id=13, category='lfi', description='LFI: Local File Inclusion') if (match('/<\!(?:DOCTYPE|ENTITY)\s+(?:%\s*)?\w+\s+SYSTEM/i', request.body, request.queryString)): block(id=14, category='xxe', description='XXE: External Entity Expansion') International Systems Technology – Convert Your idea into reality

Enter your keyword

Software Solutions

IST is reliable partner when it comes to Information Technology solutions. We help our customer identify their need, Select right technology and tools, and successful implementation. We stand with our customer at every stage of Software solution implementation from requirement gathering to final testing, deployment and user taining.

Business Intelligence

Today's challenging market demand organizations to have more insight of their data to drive the business in right direction. This can be achieve with the help of knowledge of your customer behavior. A comprehensive, modern and database analysis tools can deliver the required reports, charts, and dashboard. Business Intelligence is techniques that help managers learn more about their business.

Social Media

Use of social media has huge impact on modern marketing. In contrast of conventional marketing this new marketing techniques call on demand marketing or targeted marketing. IST has years of experience helping client to build the brand, increase in sales. Our professional team can review your current strategy and suggest to convert each marketing dollar into revenue.

Cloud Computing

Cloud Computing can be termed as computing as service where corporate hire a third party to provide all its software and hardware need remotely manage and hosted at a secure location. Cloud computing model offers saving as compared to in house managing of all resources. Many companies are offering these services on ``pay as you go `` Model. For more detail contact us at info@istworld.com

Latest Posts

Social Media / Search Engine Marketing
Social Media / Search Engine Marketing

One of our strengths at IST is our ability to communicate effectively, which is the cornerstone of successful...

Other Services

IST has helped a number of its clients to implement an open source or branded solution, IST has the expertise to help guide through the process. We are proud proponents of the Open Source movement, and have successfully implemented numerous Open Source Solutions for our clients.

In this cost cutting edge, IST offers a economical and reliable offshore setup in Middle East and Asia. IST’s on shore / off Shore model bridge the gap between the requirement gathering and solution delivery. A professional team at both end (on shore and off shore) guarantee the successful solution delivery with in time and budget.