In the search logs for OurAirports, I noticed a series of searches for URLs:
http://www.feliciano.de/Webgalerie/bilder/Italy/une/yiwul/ http://www.unduetretoccaate.it/codice/aseje/wocobo/ http://www.altaiseer-eg.com/ar/articles/jed/umut/
At first, I thought they might be a kind of link spam — some sites display recent searches — but when I checked one of the URLs, I found something totally unexpected:
php echo md5("just_a_test");?>
They’re all the same. This is almost certainly related to passwords: is there a known flaw in a PHP content-management system like Drupal, or in the PHP API for a search engine like Lucene, where this would do some damage, or is it just a test probing for weaknesses? Is the PHP code supposed to be served up literally like that, or should I be seeing the MD5 instead?