SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Horde Groupware Webmail data import PHP code injection attempt
This rule looks for crafted data injected in the "escape" or the "quote" parameters sent to the Horde Groupware Webmail Edition. If crafted successfully, an attacker can get remote code execution on the vulnerable server.
What To Look For
This rule alerts on attempts to exploit a remote code execution vulnerability in Horde Groupware Webmail Edition.
No public information
No known false positives
Cisco Talos Intelligence Group