diff --git a/rules/web/web_cve_CVE-2010-5278_exploitation_attempt.yaml b/rules/web/web_cve_2010_5278_exploitation_attempt.yml
similarity index 52%
rename from rules/web/web_cve_CVE-2010-5278_exploitation_attempt.yaml
rename to rules/web/web_cve_2010_5278_exploitation_attempt.yml
index fb25c1370..49100bc5c 100644
--- a/rules/web/web_cve_CVE-2010-5278_exploitation_attempt.yaml
+++ b/rules/web/web_cve_2010_5278_exploitation_attempt.yml
@@ -1,26 +1,24 @@
-title: CVE-2010-5278 exploitation attempt
+title: CVE-2010-5278 Exploitation Attempt
 id: 55a72ccd-4f16-42a7-afc8-f7958035bf90
 author: Subhash Popuri (@pbssubhash)
-date: 25/08/2021
+date: 2021/08/25
 status: experimental
 description: Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter.
 references:
-- https://www.exploit-db.com/exploits/34788
-- https://www.cvedetails.com/cve/CVE-2010-5278
-- https://github.com/projectdiscovery/nuclei-templates
+  - https://www.exploit-db.com/exploits/34788
+  - https://www.cvedetails.com/cve/CVE-2010-5278
+  - https://github.com/projectdiscovery/nuclei-templates
 detection:
   selection:
-    c-uri|contains:
-      - /manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00
+    c-uri|contains: '/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00'
   condition: selection
 false_positives:
-- Scanning from Nuclei
-- Penetration Testing Activity
-- Unknown
+  - Scanning from Nuclei
+  - Penetration Testing Activity
 tags:
-- attack.initial_access
-- attack.t1190
+  - attack.initial_access
+  - attack.t1190
 level: critical
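Review bot: The new `c-uri|contains` value pins the rule to one exact probe string — a fixed traversal depth, the Windows target file and a trailing `%00` — so any request to `tvs.php` that differs in depth, target file or encoding is not matched, and in practice the rule only fires on the Nuclei template it was derived from (the `false_positives` entry on the new side says as much). The `description` context line states that the weakness is the `class_key` parameter itself, so a more durable detection keys on the vulnerable endpoint combined with a traversal sequence in the URI, as sketched below, rather than on a single payload. Separately, no `logsource` section is visible in this hunk; the hunk header counts suggest a few context lines are not distinguishable in this rendering, so this may be a display artifact, but if the file really lacks one the rule cannot be routed to web-server logs and should gain a `logsource` with `category: webserver`.
```yaml
detection:
  selection_uri:
    c-uri|contains: '/manager/controllers/default/resource/tvs.php'
  selection_traversal:
    c-uri|contains:
      - '../'
      - '..%2f'
      - '..%5c'
  condition: selection_uri and selection_traversal
# … unchanged: false_positives, tags, level …
```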