warning: sql injection attempts

[asaguiar]

Hi.

Some italian lamer has systematically attempted to execute a remotely hosted script that executes sql injection attempts.

I can not check how effective it is the attempt uses a file named /contrib/forms/evaluation/C_FormEvaluation.class.php that I do not have installed.

Regards.

Alexandre

[somoto]

how did you figure this out??

[asaguiar]

By reading the logs.

[siguie]

They seem to be looking for sites using OpenEMR from http://www.oemr.org/ or atleast older unpateched versions.

As a general security measure I recommend using ZB Block it only protects php scripts but that's the vast majority of code on many sites. It's free and is billed mostly as spambot protection but it's AWESOME against sql injection attacks and sooo many other hackbots

[IanSEH]

They seem to be looking for sites using OpenEMR from http://www.oemr.org/ or atleast older unpateched versions.

As a general security measure I recommend using ZB Block it only protects php scripts but that's the vast majority of code on many sites. It's free and is billed mostly as spambot protection but it's AWESOME against sql injection attacks and sooo many other hackbots

After using OpenX ad server on my sites, it got hacked through the same thing - SQL injection and even worse, several sites were affected since they displayed banners from my adserver... Then Google found it and marked my sites as malware. That was a mess... THANK YOU for recommending ZB Block as I recently was told part of my wordpress theme was insecure too.