XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. XOOPS general usage questions 
  4.  / SQL Injection attempts in xoops 2.5.5
Register
1
timgno
SQL Injection attempts in xoops 2.5.5

  • 2013/1/30 17:30

  • timgno

  • Module Developer

  • Posts: 1504

  • Since: 2007/6/21


Below are typical attempts of sql injection on module tdmdownloads, detected and protected by Protector

23/10/2012 13:10:08    Ospiti    139.195.6.128
SQL Injection    SELECT FROM `xxxxxx_tdmdownloads_downloadsWHERE (status != '0' AND cid IN (2,6,5,8,7,9,11,12,1,3,10,13,4,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28) AND cid '0'ORDER BY 'rating ASC
    23/10/2012 13:07:26    Ospiti    139.195.6.128
SQL Injection    SELECT * FROM `xxxxxx_tdmdownloads_downloads` WHERE (status != '0' AND cid IN (2,6,5,8,7,9,11,12,1,3,10,13,4,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28) AND cid = '0') ORDER BY 'rating ASC
    23/10/2012 13:04:53    Ospiti    139.195.6.128
SQL Injection    SELECT FROM `xxxxxx_tdmdownloads_downloadsWHERE (status != '0' AND cid IN (2,6,5,8,7,9,11,12,1,3,10,13,4,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28) AND cid '0'ORDER BY 'rating ASC
    23/10/2012 13:02:14    Ospiti    139.195.6.128
SQL Injection    SELECT * FROM `xxxxxx_tdmdownloads_downloads` WHERE (status != '0' AND cid IN (2,6,5,8,7,9,11,12,1,3,10,13,4,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28) AND cid = '0') ORDER BY 'rating ASC
    23/10/2012 12:59:20    Ospiti    139.195.6.128
SQL Injection    SELECT FROM `xxxxxx_tdmdownloads_downloadsWHERE (status != '0' AND cid IN (2,6,5,8,7,9,11,12,1,3,10,13,4,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28) AND cid '0'ORDER BY 'rating ASC
2
Mamba
Re: SQL Injection attempts in xoops 2.5.5

  • 2013/1/30 18:05

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


There will be always attacks on Websites, be it a CMS like XOOPS, Drupal, WP, or Joomla, or stand-alone Website. And that's why it is so important to install on XOOPS a Protector module, which is a very good tool in protecting against such attacks.

If Protector didn't block the IP automatically, you can do it manually.

Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

265 user(s) are online (135 user(s) are browsing Support Forums)

Members: 0

Guests: 265

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits