[Systems] Somosazucar.org blog victim to SQL injection?

Sebastian Silva sebastian at fuentelibre.org
Sat Jul 4 01:09:00 EDT 2015


On 04/07/15 00:05, Sam P. wrote:
> Wait, why are you so sure this is SQL injection?
>
Because the code that appears looks like it's to look for a
"prepend_add_site_option" within the database, which I guess is what is
prepending this text to the site.

Here's the relevant code from functions.php:

        $value = apply_filters( 'pre_add_site_option_' . $key, $value );

        $cache_key = "{$wpdb->siteid}:$key";

        if ( $wpdb->get_row( $wpdb->prepare( "SELECT meta_value FROM $wpdb->sitemeta WHERE meta_key = %s AND site_id = %d", $key, $wp»
                return update_site_option( $key, $value );
 


> Have you noticed any other changes on your blog?  Has anybody been
> changing/adding extensions to/updating your blog?
Nope.
Thanks for digging into it - I'm examining the database...

-- 
I+D SomosAzucar.Org
"icarito" #somosazucar on Freenode IRC
"No one liberates anyone, no one liberates themselves alone. Human beings liberate themselves in communion" - P. Freire


