[Systems] Somosazucar.org blog victim to SQL injection?
Sebastian Silva
sebastian at fuentelibre.org
Sat Jul 4 01:09:00 EDT 2015
On 04/07/15 00:05, Sam P. wrote:
> Wait, why are you so sure this is SQL injection?
>
Because the code that appears looks like it's to look for a
"prepend_add_site_option" within the database, which I guess is what is
prepending this text to the site.
Here's the relevant code from functions.php:
$value = apply_filters( 'pre_add_site_option_' . $key, $value );
$cache_key = "{$wpdb->siteid}:$key";
if ( $wpdb->get_row( $wpdb->prepare( "SELECT meta_value FROM
$wpdb->sitemeta WHERE meta_key = %s AND site_id = %d", $key, $wp»
return update_site_option( $key, $value );
> Have you noticed any other changes on your blog? Has anybody been
> changing/adding extensions to/updating your blog?
Nope.
Thanks for digging into it - I'm examining the database...
--
I+D SomosAzucar.Org
"icarito" #somosazucar en Freenode IRC
"Nadie libera a nadie, nadie se libera solo. Los seres humanos se liberan en comunión" - P. Freire
More information about the Systems
mailing list