Re: [FD] New PHP-Attack Vector ?
- To: Thomas Lußnig <lussnig@xxxxxxxxx>
- Subject: Re: [FD] New PHP-Attack Vector ?
- From: Michael Baker <michael@xxxxxxxxxxxxxxx>
- Date: Tue, 15 Apr 2014 00:20:57 -0400
Seems to be a shopping cart software. A quick dork for that URI yields a
lot of results that seem to be susceptible to various well-known attack
vectors via a couple of quick (& harmless) manual checks.
- Mike
On Mon, Apr 14, 2014 at 5:29 PM, Thomas Lußnig <lussnig@xxxxxxxxx> wrote:
> In the last few days I see more and more scans for a new PHP URL
> "/phpTest/zologize/axa.php" I have never seen before on the server.
> I think this can be a preparation for a new attack. Is there anything
> known about this URL and possible defects?
>
> Information: No header is sent with the request and no query parameter
> is sent.
>
> IPs that scanned the URL:
>
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> http://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
>
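An added example, not part of the original thread: one way to pull the probes described above out of a web server access log and count them per source address. It assumes the Apache/nginx "combined" log format, which records only Referer and User-Agent, so "no header" is approximated by both being empty; the function name and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Path reported in the thread; everything else in this block is an assumption.
PROBE_PATH = "/phpTest/zologize/axa.php"

# Apache/nginx "combined" log format (assumed; adjust to your server's format).
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def find_probes(lines, path=PROBE_PATH):
    """Return (hits, per_ip) for bare requests to `path`: no query string,
    no Referer and no User-Agent, as described in the thread."""
    hits, per_ip = [], Counter()
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # not a combined-format line
        target_path, _, query = m["target"].partition("?")
        headerless = m["referer"] in ("", "-") and m["agent"] in ("", "-")
        if target_path == path and not query and headerless:
            hits.append((m["ts"], m["ip"], m["status"]))
            per_ip[m["ip"]] += 1
    return hits, per_ip

# Constructed sample lines using documentation address ranges, not real scanners.
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Apr/2014:17:01:02 +0200] "GET /phpTest/zologize/axa.php HTTP/1.0" 404 209 "-" "-"',
    '198.51.100.7 - - [14/Apr/2014:17:03:40 +0200] "GET /phpTest/zologize/axa.php HTTP/1.0" 404 209 "-" "-"',
    '192.0.2.10 - - [14/Apr/2014:17:09:11 +0200] "GET /phpTest/zologize/axa.php HTTP/1.0" 404 209 "-" "-"',
    '203.0.113.5 - - [14/Apr/2014:17:10:00 +0200] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [14/Apr/2014:17:10:05 +0200] "GET /phpTest/zologize/axa.php?x=1 HTTP/1.1" 404 209 "-" "Mozilla/5.0"',
    'truncated or malformed line',
]

if __name__ == "__main__":
    hits, per_ip = find_probes(SAMPLE_LOG)
    for ip, count in per_ip.most_common():
        print(f"{ip}\t{count} probe(s)")
    # A non-404 status means the path exists on this host and deserves a closer look.
    for ts, ip, status in hits:
        if status != "404":
            print(f"path answered with {status} for {ip} at {ts}")
```
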