Security and privacy

SQL Injectable Sites listed!

Tim at Lone Pine Koala Sanctuary
Re: SQL Injectable Sites listed!
Core developersDocumentation writersParticularly helpful MoodlersPlugin developers

Well, then you are reasonably safe. The problem with SQL injection is that, if it is exploited you can lose the whole database. The original listing of exploitable sites seems to have been taken down, which is good. Did it gave explicit instructions for how to exploit your site? If not, then it does not mean much.

Average of ratings: -
Picture of Alan Hess
Re: SQL Injectable Sites listed!

Hi Tim

I contacted  'pastebin' and asked them to remove the page. Seems to have worked!

As I backup the DB via Webmin often, I suppose I'm safe. After all, there are loads of sites using Joomla, Moodle etc.. that are based on LAMP out there.

Just out of interest, I see loads of 'hammer' style attacks on my site in logs. I normally ask my provider to ban the specific IP with .htaccess and they do this for me quite promptly.

BTW: A colleague of mine with an old version of Moodle 1.8 and an unfriendly ISP got totally hacked a couple of years ago.


Average of ratings: Useful (1)