This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a command injection vulnerability in phpThumb.
phpThumb() is an application used to create thumbnails from images.
The application is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input to the 'fltr' parameter in the 'phpThumb.php' script.
Attackers can exploit this issue to execute arbitrary commands in the context of the webserver.
Note that successful exploitation requires 'ImageMagick' to be installed.
- phpThumb() 1.7.9 is affected; other versions may also be vulnerable.