URL Injection attacks typically mean the server for which the IP address of theĀ attacker is bound is a compromised server. Please check the server behind the IP address above for suspicious files in /tmp, /var/tmp, /dev/shm, along with checking the process tree (ps -efl or ps -auwx). You may also want to check out http://www.chkrootkit.org/… Continue reading URL injections information