[Systems] Somosazucar.org blog victim to SQL injection?
Sebastian Silva
sebastian at fuentelibre.org
Sat Jul 4 00:58:29 EDT 2015
Hi,
I noticed our blog today is prepending a string to every page:
siteid ) ) )
return update_site_option( $key, $value );
$value = sanitize_option( $key, $value );
wp_cache_set( $cache_key, $value, 'site-options');
$value = maybe_serialize($value);
$wpdb-
I looked around and it looks like it's coming from wp-includes/functions.php
Anybody found something like this before?
The code looks like it's there to add stuff to the template, i'm
guessing it's found something injected into the SQL database?
Thanks for any hints
--
I+D SomosAzucar.Org
"icarito" #somosazucar en Freenode IRC
"Nadie libera a nadie, nadie se libera solo. Los seres humanos se liberan en comunión" - P. Freire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/private/systems/attachments/20150703/e11d6576/attachment.html>
More information about the Systems
mailing list