I keep getting these emails from CSF regarding SQL injection on thumbnails.php. I have the newest version of Coppermine Gallery, 1.5.48.
Is this something I should be worried about? Does it indicate a security hole in Coppermine?
Time: Thu Apr 4 15:38:49 2019 -0500
IP: 58.64.152.132 (HK/Hong Kong/-)
Failures: 10 (mod_security)
Interval: 300 seconds
Blocked: Permanent Block [LF_TRIGGER]
Log entries:
[Thu Apr 04 15:38:42.813670 2019] [:error] [pid 126108:tid 47266698782464] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45)--||T:APACHE||PC:6662"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrUmDb-R0DorRXKe96OQAAAEA"]
[Thu Apr 04 15:38:43.336074 2019] [:error] [pid 128274:tid 47266811393792] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45)--||T:APACHE||PC:9763"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrU-kDohBGrzzvJtSadQAAANU"]
[Thu Apr 04 15:38:43.797690 2019] [:error] [pid 136302:tid 47266811393792] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45)--||T:APACHE||PC:9907"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrU43@k15E0xRmuJ4NYQAAAVU"]
[Thu Apr 04 15:38:44.236629 2019] [:error] [pid 128274:tid 47266800887552] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45)--||T:APACHE||PC:7231"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVPkDohBGrzzvJtSafQAAANA"]
[Thu Apr 04 15:38:44.703531 2019] [:error] [pid 126647:tid 47266698782464] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45)--||T:APACHE||PC:9410"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVLbtqEKLr3XRM62gsgAAAIA"]
[Thu Apr 04 15:38:45.181850 2019] [:error] [pid 136302:tid 47266707187456] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45)--||T:APACHE||PC:10380"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVY3@k15E0xRmuJ4NbgAAAUQ"]
[Thu Apr 04 15:38:45.666095 2019] [:error] [pid 128274:tid 47266711389952] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45),char(45,120,55,45,81,45)--||T:APACHE||PC:10800"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVfkDohBGrzzvJtSaiQAAAMY"]
[Thu Apr 04 15:38:46.139750 2019] [:error] [pid 136302:tid 47266711389952] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45),char(45,120,55,45,81,45),char(45,120,56,45,81,45)--||T:APACHE||PC:10177"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVo3@k15E0xRmuJ4NdAAAAUY"]
[Thu Apr 04 15:38:46.618764 2019] [:error] [pid 126108:tid 47266705086208] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45),char(45,120,55,45,81,45),char(45,120,56,45,81,45),char(45,120,57,45,81,45)--||T:APACHE||PC:7759"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrVmDb-R0DorRXKe96VgAAAEM"]
[Thu Apr 04 15:38:47.100731 2019] [:error] [pid 136302:tid 47266809292544] [client 58.64.152.132:0] [client 58.64.152.132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:album. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/123_Apps_OtherApps.conf"] [line "51"] [id "77220150"] [rev "4"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45),char(45,120,55,45,81,45),char(45,120,56,45,81,45),char(45,120,57,45,81,45),char(45,120,49,48,45,81,45)--||T:APACHE||PC:9188"] [severity "CRITICAL"] [tag "CWAF"] [tag "CVE-2013-5318"] [hostname "robert-downeyjr.com"] [uri "/photos/thumbnails.php"] [unique_id "XKZrV43@k15E0xRmuJ4NfAAAAVQ"]
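
One way to triage an alert like the one above is to pull the rule id, the matched parameter and the response code out of each ModSecurity entry and decode the `char(...)` lists in the logged value. This is an added example, not part of the original post; the sample lines are constructed in the same layout, with a placeholder client address and some fields omitted, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: same layout as the entries above, with a placeholder
# client address and several bracketed fields left out for brevity.
SAMPLE_LOG = r"""
[Thu Apr 04 15:38:42 2019] [:error] [client 203.0.113.7:0] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [id "77220150"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45)--||T:APACHE||PC:6662"] [uri "/photos/thumbnails.php"]
[Thu Apr 04 15:38:43 2019] [:error] [client 203.0.113.7:0] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [id "77220150"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45)--||T:APACHE||PC:9763"] [uri "/photos/thumbnails.php"]
[Thu Apr 04 15:38:43 2019] [:error] [client 203.0.113.7:0] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [id "77220150"] [msg "IM360 WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||MVN:ARGS:album||MV:5631111111111111'unionselectchar(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45)--||T:APACHE||PC:9907"] [uri "/photos/thumbnails.php"]
"""

def _first(pattern, text):
    """Return the first capture group of pattern in text, or None."""
    m = re.search(pattern, text)
    return m.group(1) if m else None

def parse_entry(line):
    """Return the triage-relevant fields of one ModSecurity error-log line."""
    if "ModSecurity:" not in line:
        return None
    matched = re.search(r'\|\|MVN:([^|]+)\|\|MV:(.*?)\|\|T:', line)
    variable, payload = matched.groups() if matched else (None, "")
    return {
        "client": _first(r'\[client ([\d.]+)', line),
        "status": _first(r'Access denied with code (\d+)', line),
        "rule_id": _first(r'\[id "(\d+)"\]', line),
        "uri": _first(r'\[uri "([^"]+)"\]', line),
        "variable": variable,
        "payload": payload,
        # char(45,120,49,...) lists are ASCII codes; decode them to text.
        "markers": ["".join(chr(int(n)) for n in re.findall(r'\d+', codes))
                    for codes in re.findall(r'char\(([\d,]+)\)', payload)],
    }

def summarize(log_text):
    """Answer: what was hit, by which rule, and was every request denied?"""
    entries = [e for e in map(parse_entry, log_text.splitlines()) if e]
    return {
        "requests": len(entries),
        "all_denied": bool(entries) and all(e["status"] == "403" for e in entries),
        "targets": Counter((e["uri"], e["variable"]) for e in entries),
        "rule_ids": sorted({e["rule_id"] for e in entries}),
        "columns_tried": [len(e["markers"]) for e in entries],
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

The summary covers only what the WAF logged and denied; whether any request from the same client reached the application has to be checked in the access log.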