Would this solve the problem of them using "http://ourwebsite/index.php?option=com_tag&controller=tag&task=add&article_id=-260479/**//*!union*//**//*!select*//**/concat(username,0x3a,password,0x3a,usertype)/**//*!from*//**/jos_users/**/&tmpl=component" where "ourwebsite" is the home page URL for the sake of our discussion? It appears they're skirting login and going straight for the PHP file(s) as well as username and password data. I'm not a coder but this doesn't look nice. Most are based in Beijing and Eastern Europe.


Reply With Quote
