10
Posted 16 December 2021 - 09:54 PM #1
Hi.
CS-Cart version 4.11.4.SP3
Someone is constantly sending call requests like:
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
-1" OR 2+951-951-1=0+0+0+1
I closed the storefront all together, activated "under attack mode" in Cloudflare. Albeit in a lower frequency, I still receive call requests. Isn't there a rate limiting on call requests? What should I do now?
Posted 18 December 2021 - 05:37 PM #2
There is no SQL injection. There are also no rate-limits.
Best Brands Support - We empower your business!
Posted 19 December 2021 - 02:21 AM #3
Hi.
CS-Cart version 4.11.4.SP3
Someone is constantly sending call requests like:
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z-1" OR 2+951-951-1=0+0+0+1I closed the storefront all together, activated "under attack mode" in Cloudflare. Albeit in a lower frequency, I still receive call requests. Isn't there a rate limiting on call requests? What should I do now?
How did you get these logs? is it in apache2 logs or in cs-cart logs? how did you check it?
Posted 20 December 2021 - 02:41 PM #4
How did you get these logs? is it in apache2 logs or in cs-cart logs? how did you check it?
I didn't need to see the logs. Because call requests are notified by mail. I received more than 130 call requests like that until I renamed index.php to something else. (The store isn't really much active; I wanted to see what happens next; because I was still receiving call request mails although I closed the store from the admin panel.)
Posted 23 December 2021 - 10:43 PM #5
Not enough info. Unless you have the IP that is causing those queries it is hard to see what is going on.
Sign In
