Manager log: SQL Injection Detected - MODX Community Forums
https://forums.modx.com/thread/?thread=104649

Manager log: SQL Injection Detected
https://forums.modx.com/thread/104649/manager-log-sql-injection-detected#dis-post-562854

[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ')
[2018-11-14 02:41:45] (ERROR @ /home/jolien/domains/geheelnatuurlijk.nl/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ' OR 'somepage.html\'>title somepage</a> ' REGEXP `modRedirect`.`pattern` OR 'somepage.html\'>title somepage</a> ' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))
[2018-11-14 02:41:47] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'webpage.html\'>Webpage title</a> other text in sentence' OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP `modRedirect`.`pattern` OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))

Where 'USER', 'DOMAIN', 'somepage.html', 'webpage.html', 'title somepage' and 'other text in sentence' are edited by me but existent.

Has anyone got any ideas what is happening here? I can see they try to escape a quote. But what can I do to block this?
mintnl Nov 21, 2018, 02:56 PM https://forums.modx.com/thread/104649/manager-log-sql-injection-detected#dis-post-562854
Re: Manager log: SQL Injection Detected
https://forums.modx.com/thread/104649/manager-log-sql-injection-detected#dis-post-563916

A way of stopping these errors would be to sanitize any form data that's submitted before it's handled. So that way you're not allowing the malicious code to even reach MODX.

muzzstick Feb 03, 2019, 12:16 PM https://forums.modx.com/thread/104649/manager-log-sql-injection-detected#dis-post-563916
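A triage sketch for log entries like the ones in the first post, added here as an example and not code from MODX or from either poster: it parses the `SQL injection attempt detected` lines, extracts the column and the rejected literal, and groups repeats so the flagged values can be reviewed. The sample lines are constructed in the format quoted above, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the manager-log format quoted in the first post.
SAMPLE_LOG = r"""
[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ')
[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ' OR 'somepage.html\'>title somepage</a> ' REGEXP `modRedirect`.`pattern`)
[2018-11-14 02:41:47] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'webpage.html\'>Webpage title</a> other text')
[2018-11-14 02:41:50] (ERROR @ /home/USER/domains/DOMAIN/core/example.php : 1) unrelated constructed entry
"""

# Timestamp, source file and line, then the WHERE clause that was rejected.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \(ERROR @ (?P<file>\S+) : (?P<line>\d+)\) "
    r"SQL injection attempt detected: \((?P<clause>.*)\)$"
)
# A single-quoted SQL literal; backslash-escaped characters stay inside it.
LITERAL_RE = re.compile(r"'((?:\\.|[^'\\])*)'")
COLUMN_RE = re.compile(r"`(\w+)`\.`(\w+)`")
HTML_RE = re.compile(r"</?[a-zA-Z][^>]*>")


def parse_line(line):
    """Return a dict for a flagged line, or None for any other log line."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    clause = m.group("clause")
    col = COLUMN_RE.search(clause)
    lit = LITERAL_RE.search(clause)
    value = lit.group(1) if lit else ""
    return {
        "timestamp": m.group("ts"),
        "column": ".".join(col.groups()) if col else "",
        "value": value,
        "escaped_quote": "\\'" in value,             # the \' seen in the thread
        "html_residue": bool(HTML_RE.search(value)),  # e.g. a stray </a>
    }


def summarize(text):
    """Parse every line and count repeats of each (column, value) pair."""
    events = [e for e in map(parse_line, text.splitlines()) if e]
    counts = Counter((e["column"], e["value"]) for e in events)
    return events, counts


if __name__ == "__main__":
    for (column, value), n in summarize(SAMPLE_LOG)[1].most_common():
        print(f"{n}x {column}: {value!r}")
```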