On Fri, 2007-10-05 at 11:29 -0400, Daniel Brown wrote: > Yeah, honestly I wasn't sure if it was an injection attack or if > those URLs were referrers in the logs.
OK sorry if I wasn't 100% clear here, but the logs showed up something like: http://fsiu.uwc.ac.za/index.php?module=http://www.goodasgold.com/nav So basically it was an XSS attempt, but because our MVC security is decent, it is just more of an annoyance than anything else (it screws up my stats man!) What I was trying to say is that *if* you didn't know about this one before, now you do. They are hitting all of our sites at a rate of knots, so are probably doing the same elsewhere. --Paul
All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
