Full Disclosure mailing list archives

New PHP-Attack Vector ?

From: Thomas Lußnig <lussnig () suche org>
Date: Mon, 14 Apr 2014 23:29:28 +0200

In the last few days i see more and more scan's for an new php url
"/phpTest/zologize/axa.php" i never seen before on the server.
I think this can be an preparation for an new attack. Is there anything
known about this url and possible defects ?

Information: No Header is send with the request and no Query Parameter
is send.

IP's that Scanned the URL:
61.230.22.153  
54.200.15.115  
61.19.83.194   
103.13.30.157  
109.184.190.223
219.144.196.190
219.90.114.133 
221.215.217.106
140.116.102.61 


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

New PHP-Attack Vector ? Thomas Lußnig (Apr 14)
- <Possible follow-ups>
- Re: New PHP-Attack Vector ? Michael Baker (Apr 14)
  - Re: New PHP-Attack Vector ? Martti Kühne (Apr 15)