I for myself wasnt on my site today. And because it is hidden for the public, nothing was done from a human I think. I got around 7 different possible attack emails while doing nothing. Then I got the 8 one and that looks curious for me. Have someone a idea for this one? I copy in:
Total impact: 34
Affected tags: xss, csrf, id, rfe, lfi
Variable: REQUEST.body | Value: 5p72gR <a href=\"http://mqszfeikipzn.com/\">mqszfeikipzn</a>, [url=http://thoygjfifwrn.com/]thoygjfifwrn[/url], see more [link=http://qkqfvtbnyhcj.com/]qkqfvtbnyhcj[/link], http://fnyomuubvtmj.com/
Impact: 17 | Tags: xss, csrf, id, rfe, lfi
Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects obfuscated script tags and XML wrapped HTML | Tags: xss | ID: 33
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61
Wow, that is the only one I have seen that was something that needed to be blocked.. it looks like link spam but I don't see what file it was trying to access. It looks like something they would have hit guestbook.php with.
Total impact: 34
Affected tags: xss, csrf, id, rfe, lfi
Variable: REQUEST.body | Value: 5p72gR <a href=\"http://mqszfeikipzn.com/\">mqszfeikipzn</a>, [url=http://thoygjfifwrn.com/]thoygjfifwrn[/url], see more