Hub WAF rule

More info

vpatch-CVE-2026-1207 WAF Rule

« Django - SQL Injection »
v0.2 by crowdsecurity
WAF rule

Detects SQL injection via the band parameter in Django RasterField/PostGIS endpoint

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2026-1207

YAML Configuration

1## autogenerated on 2026-02-18 14:27:26
2name: crowdsecurity/vpatch-CVE-2026-1207
3description: 'Detects SQL injection via the band parameter in Django RasterField/PostGIS endpoint'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10          - urldecode
11        match:
12          type: regex
13          value: '^/(api/raster/search/)?$'
14      - zones:
15          - ARGS
16        variables:
17          - band
18        transform:
19          - lowercase
20          - urldecode
21        match:
22          type: libinjectionSQL
23
24labels:
25  type: exploit
26  service: http
27  confidence: 3
28  spoofable: 0
29  behavior: 'http:exploit'
30  label: "Django - SQL Injection"
31  classification:
32    - cve.CVE-2026-1207
33    - attack.T1059
34    - cwe.CWE-89
35

Hub WAF rule

« Django - SQL Injection »v0.2 by crowdsecurityWAF rule

« Django - SQL Injection »
v0.2 by crowdsecurity
WAF rule