Seems to be a shopping cart software. A quick dork for that URI yields a lot of results that seem to be susceptable to various well-known attack vectors via a couple of quick (&harmless) manual checks.
- Mike On Mon, Apr 14, 2014 at 5:29 PM, Thomas Lußnig <luss...@suche.org> wrote: > In the last few days i see more and more scan's for an new php url > "/phpTest/zologize/axa.php" i never seen before on the server. > I think this can be an preparation for an new attack. Is there anything > known about this url and possible defects ? > > Information: No Header is send with the request and no Query Parameter > is send. > > IP's that Scanned the URL: > 61.230.22.153 > 54.200.15.115 > 61.19.83.194 > 103.13.30.157 > 109.184.190.223 > 219.144.196.190 > 219.90.114.133 > 221.215.217.106 > 140.116.102.61 > > > _______________________________________________ > Sent through the Full Disclosure mailing list > http://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
