Provider Blocks IP for SQL Injection

It does not happen every time, but every once in a while i get my IP blocked while using Xibo. When questioning my provider i got this answer:

Looks like the IP was blocked for hitting the following rule in the server Firewall:

Possible CVE-2014-3704 Drupal SQLi attempt URLENCODE 1

Any idea on how to resolve this?


Sorry, I am not quite clear - you’re home/office IP gets blocked while accessing a remote Xibo CMS installation? Or you have a local CMS installation running which is exposed through your IP to the internet?

Which version of Xibo are you using?

Home IP gets blocked while accessing a remote Xibo CMS

Xibo Version: Version 1.7.6

Well there are some SQLi commands left in 1.7.6 (not many but some). I couldn’t tell you specifically what is triggering that alert, or indeed why that alert is being triggered for Xibo (we do have some old CVE reports, all of which are patched fixed in 1.6 and higher).

It would be a good idea to tidy up those last MySQLi usages - so i’ve created an issue :bug: for that purpose.

1.8 doesn’t contain any MySQLi

Thanks a bunch, looking forward to it. Keep up the good work.

1 Like