We host a blog, running on B2Evolution (Apache Linux), and I see one
particular expoit attempt in our logs a great deal. It doesn't work
against our blog instance, but since I see this attempted so often, I
figure it either is effective against earlier versions of b2evolution,
or perhaps against some other blog software. I see lots of variations of
it, but they are all GET requests for something like:
Sometimes the URL variable name is different, or some other variation.
Anyone know what blog software is or was vulnerable to this attack?
Also, what are the most common attacks/probes you see against Apache
webservers? I'm making a top five list. (I've read "High Fidelity",