Atomicorp rule 340159

1. SecRule ARGS|XML:/*|!ARGS:data|!ARGS:resolution|!ARGS:json|!ARGS:/php/|!ARGS:wpSummary|!ARGS:/teaser/|!ARGS:fdata|!ARGS:file_content|!ARGS:/narrative/|!ARGS:data|!ARGS:/database/|!ARGS:/sql/|!ARGS:contenido|!ARGS:query|!ARGS:/descr/|!ARGS:/body/|!ARGS:/text/|!ARGS:/txt/|!ARGS:fck_tw_body|!ARGS:sub|!ARGS:msg_body|!ARGS:saved_data|!ARGS:fck_body|!ARGS:description|!ARGS:/message/|!ARGS:/content/|!ARGS:comment|!ARGS:p_action|!ARGS:/report/|!ARGS:/narrative/|!ARGS:/FCKeditor/ "(?:(\w+)(?:user|and)(\w+)char\([0-9]+\)|(?:execute|convert)\(|; ?delete.*;(?:insert|declare|varchar) ?|and .* \( ?select .* from |(?:drop|create)(\w+)table |(?:declare|convert) .* varchar\(|null ?, ?(?:null ?, ?(?:null|accesslevel|user_name)) ?,|concat\(|union select |union all select|\b\W*?cast\b\W*?\(|xecresultset|' ?; ?declare\b\W*?|; ?set @|select (?:load_file|char\()|(?:insert|remark)test;)" \
2. "phase:2,deny,status:403,capture,id:340159,t:none,t:urlDecodeUni,t:base64Decode,t:hexDecode,t:replaceNulls,t:replaceComments,t:compressWhiteSpace,t:lowercase,rev:35,severity:2,msg:'Atomicorp.com UNSUPPORTED DELAYED Rules: Generic SQL inline command protection (MM)',chain,logdata:'%{TX.0}',multiMatch"
3. SecRule REQUEST_URI "!(/ubbthreads/ubbthreads\.php|/install/index\.php|/admin/fetch_data_af\.php\?action=create_txt_file_from_af_table$|/admin/structure/feeds/edit|^/wp-admin/admin\.php\?page=wpsc-settings)" "t:none,t:lowercase"
4.  
5. SecMarker END_SQL_INJECTION_RULE_4