New WAF Objects: [total: 6]
==================================
Signature:
    ID: '708536'
    Name: Tomcat JMX Proxy to RCE via AccessLogValve Injection
    Attack: Remote Command Execution - Blocking
    Attack Class: Remote Command Execution
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="/manager/jmxproxy", part="Catalina", rgxp="(qry|invoke)=Catalina"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - url-and-parameters

Policy:
  name: 'CVE-2026-2699: Progress ShareFile Pre-Auth RCE Chain'
  id: '20000358'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: unzip
      operation: includes
      value: 'true'
    - part: url
      operation: includes
      value: /upload.aspx
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST

Signature:
    ID: '708535'
    Name: 'CVE-2026-1492: User Registration & Membership Plugin for WordPress - Unauthenticated
    Privilege Escalation'
    Attack: Account Takeover - Blocking
    Attack Class: Account Takeover
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="/wp-admin/admin-ajax.php", part="action=user_registration_membership_register_member", rgxp="members_data\=[\s\S]{0,10}\"role\"\s?\:\s?\"administrator\""
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - url-and-parameters

Signature:
    ID: '708534'
    Name: 'CVE-2026-34197: Apache ActiveMQ - RCE'
    Attack: Remote Command Execution - Blocking
    Attack Class: Remote Command Execution
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="/api/jolokia/", part="addNetworkConnector", part="brokerConfig"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - url-and-parameters

Policy:
  name: 'CVE-2020-35729 : Klog Server 2.4.1 - Command Injection'
  id: '20000351'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: user
      operation: MatchRegExp
      value: '[|&;`$\\]'
    - part: url
      operation: includes
      value: /actions/authenticate.php
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST

Policy:
  name: 'CVE-2020-15175 : GLPI dump files and valid sessions'
  id: '20000350'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST
  - type: HTTP Request
    operation: Match All
    match values:
    - part: url
      operation: includes
      value: /front/pluginimage.send.php
    - part: parameter
      name: name
      operation: includes
      value: .htaccess
    - part: parameter
      name: plugin
      operation: includes
      value: ..
  - type: HTTP Request Parameter Name
    operation: At Least One
    values:
    - clean