Results 1 to 5 of 5

Thread: warning: sql injection attempts

Hybrid View

  1. #1
    Join Date
    Sep 2011
    Posts
    3

    Default warning: sql injection attempts

    Hi.

    Some italian lamer has systematically attempted to execute a remotely hosted script that executes sql injection attempts.

    I can not check how effective it is the attempt uses a file named /contrib/forms/evaluation/C_FormEvaluation.class.php that I do not have installed.

    Regards.

    Alexandre

  2. #2
    Join Date
    Oct 2011
    Posts
    1

    Default

    how did you figure this out??
    Last edited by farcaster; 10-03-2011 at 07:18 AM. Reason: no sigs till you qualify

  3. #3
    Join Date
    Sep 2011
    Posts
    3

    Default

    By reading the logs.

  4. #4
    Join Date
    Feb 2006
    Posts
    627

    Default

    They seem to be looking for sites using OpenEMR from http://www.oemr.org/ or atleast older unpateched versions.

    As a general security measure I recommend using ZB Block it only protects php scripts but that's the vast majority of code on many sites. It's free and is billed mostly as spambot protection but it's AWESOME against sql injection attacks and sooo many other hackbots :)

  5. #5
    Join Date
    Dec 2011
    Posts
    1

    Default

    Quote Originally Posted by siguie View Post
    They seem to be looking for sites using OpenEMR from http://www.oemr.org/ or atleast older unpateched versions.

    As a general security measure I recommend using ZB Block it only protects php scripts but that's the vast majority of code on many sites. It's free and is billed mostly as spambot protection but it's AWESOME against sql injection attacks and sooo many other hackbots :)
    After using OpenX ad server on my sites, it got hacked through the same thing - SQL injection :( and even worse, several sites were affected since they displayed banners from my adserver... Then Google found it and marked my sites as malware. That was a mess... THANK YOU for recommending ZB Block as I recently was told part of my wordpress theme was insecure too.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •