This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Sig detects attempts to exploit SQL injection vulnerability in Magento e-Commerce platform.
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 18.104.22.168 and Enterprise Edition (EE) 22.214.171.124 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr] parameter when the popularity[from] or popularity[to] parameter is set.
Apply the patch as soon as possible. Always keep Magento product up to date. If you don't use Magento products but seeing this alert, you are probably safe.