Hello,
I keep getting the following error reports. Over the previous days I got approximately 100 such messages per day.
I suppose somebody is trying to hack our site. Is this a high-risk issue?
On our store we have all the latest security updates installed. I also tested my site on magereport and it is "LOW RISK".
I tried to google these error messages and the strange injections in the URL, but found no discussion of them.
Thank you in advance.
URL: http://www.mysitedomain.com/blog/tag/1'/**/OR/**/UPDATEXML(3246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(3246=3246,1))),0x7170786271),9487)--/**/Mkct
IP Address: 93.103.9.93
Time: 2016-10-02 09:01:51 GMT
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' LIKE CONCAT(value,'%') and path LIKE 'web/unsecure/base_url' ' at line 1, query was: SELECT `e`.`scope`, `e`.`scope_id` FROM `core_config_data` AS `e` WHERE ('http://www.mysitedomain.com/blog/tag/1'/**/OR/**/UPDATEXML(3246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(3246=3246,1))),0x7170786271),9487)--/**/Mkct' LIKE CONCAT(value,'%') and path LIKE 'web/unsecure/base_url' OR 'https://www.mysitedomain.com/blog/tag/1'/**/OR/**/UPDATEXML(3246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(3246=3246,1))),0x7170786271),9487)--/**/Mkct' LIKE CONCAT(value,'%') and path LIKE 'web/secure/base_url' ) ORDER BY CHAR_LENGTH(value) DESC
Trace:
#0 /home/admin/domains/mysitedomain.com/public_html/lib/Varien/Db/Statement/Pdo/Mysql.php(110): Zend_Db_Statement_Pdo->_execute(Array)
#1 /home/admin/domains/mysitedomain.com/public_html/app/code/core/Zend/Db/Statement.php(291): Varien_Db_Statement_Pdo_Mysql->_execute(Array)
#2 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Abstract.php(480): Zend_Db_Statement->execute(Array)
#3 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query('SELECT `e`.`sco...', Array)
#4 /home/admin/domains/mysitedomain.com/public_html/lib/Varien/Db/Adapter/Pdo/Mysql.php(504): Zend_Db_Adapter_Pdo_Abstract->query('SELECT `e`.`sco...', Array)
#5 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Abstract.php(737): Varien_Db_Adapter_Pdo_Mysql->query('SELECT `e`.`sco...', Array)
#6 /home/admin/domains/mysitedomain.com/public_html/app/code/local/Amasty/GeoipRedirect/Model/Fpc/Front.php(337): Zend_Db_Adapter_Abstract->fetchAll(Object(Varien_Db_Select))
#7 /home/admin/domains/mysitedomain.com/public_html/app/code/local/Amasty/GeoipRedirect/Model/Fpc/Front.php(51): Amasty_GeoipRedirect_Model_Fpc_Front->getStoreId(Object(Zend_Controller_Request_Http))
#8 /home/admin/domains/mysitedomain.com/public_html/var/cache/ew/files/7a/3e/Mage/Core/Model/Cache.php(706): Amasty_GeoipRedirect_Model_Fpc_Front->extractContent(false)
#9 /home/admin/domains/mysitedomain.com/public_html/app/code/core/Mage/Core/Model/App.php(351): Mage_Core_Model_CacheOverriddenClass->processRequest()
#10 /home/admin/domains/mysitedomain.com/public_html/app/Mage.php(683): Mage_Core_Model_App->run(Array)
#11 /home/admin/domains/mysitedomain.com/public_html/index.php(95): Mage::run('', 'store')
#12 {main}
URL: http://www.mysitedomain.com/blog/tag/1')/**/AS/**/xKtr/**/WHERE/**/8021=8021/**/AND/**/UPDATEXML(7246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(7246=7246,1))),0x7170786271),7188)--/**/wxTE
IP Address: 193.106.30.130
Time: 2016-10-02 08:35:32 GMT
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AS/**/xKtr/**/WHERE/**/8021=8021/**/AND/**/UPDATEXML(7246,CONCAT(0x2e,0x716b787a' at line 1, query was: SELECT `e`.`scope`, `e`.`scope_id` FROM `core_config_data` AS `e` WHERE ('http://www.mysitedomain.com/blog/tag/1')/**/AS/**/xKtr/**/WHERE/**/8021=8021/**/AND/**/UPDATEXML(7246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(7246=7246,1))),0x7170786271),7188)--/**/wxTE' LIKE CONCAT(value,'%') and path LIKE 'web/unsecure/base_url' OR 'https://www.mysitedomain.com/blog/tag/1')/**/AS/**/xKtr/**/WHERE/**/8021=8021/**/AND/**/UPDATEXML(7246,CONCAT(0x2e,0x716b787a71,(SELECT/**/(ELT(7246=7246,1))),0x7170786271),7188)--/**/wxTE' LIKE CONCAT(value,'%') and path LIKE 'web/secure/base_url' ) ORDER BY CHAR_LENGTH(value) DESC
Trace:
#0 /home/admin/domains/mysitedomain.com/public_html/lib/Varien/Db/Statement/Pdo/Mysql.php(110): Zend_Db_Statement_Pdo->_execute(Array)
#1 /home/admin/domains/mysitedomain.com/public_html/app/code/core/Zend/Db/Statement.php(291): Varien_Db_Statement_Pdo_Mysql->_execute(Array)
#2 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Abstract.php(480): Zend_Db_Statement->execute(Array)
#3 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query('SELECT `e`.`sco...', Array)
#4 /home/admin/domains/mysitedomain.com/public_html/lib/Varien/Db/Adapter/Pdo/Mysql.php(504): Zend_Db_Adapter_Pdo_Abstract->query('SELECT `e`.`sco...', Array)
#5 /home/admin/domains/mysitedomain.com/public_html/lib/Zend/Db/Adapter/Abstract.php(737): Varien_Db_Adapter_Pdo_Mysql->query('SELECT `e`.`sco...', Array)
#6 /home/admin/domains/mysitedomain.com/public_html/app/code/local/Amasty/GeoipRedirect/Model/Fpc/Front.php(337): Zend_Db_Adapter_Abstract->fetchAll(Object(Varien_Db_Select))
#7 /home/admin/domains/mysitedomain.com/public_html/app/code/local/Amasty/GeoipRedirect/Model/Fpc/Front.php(51): Amasty_GeoipRedirect_Model_Fpc_Front->getStoreId(Object(Zend_Controller_Request_Http))
#8 /home/admin/domains/mysitedomain.com/public_html/var/cache/ew/files/7a/3e/Mage/Core/Model/Cache.php(706): Amasty_GeoipRedirect_Model_Fpc_Front->extractContent(false)
#9 /home/admin/domains/mysitedomain.com/public_html/app/code/core/Mage/Core/Model/App.php(351): Mage_Core_Model_CacheOverriddenClass->processRequest()
#10 /home/admin/domains/mysitedomain.com/public_html/app/Mage.php(683): Mage_Core_Model_App->run(Array)
#11 /home/admin/domains/mysitedomain.com/public_html/index.php(95): Mage::run('', 'store')
#12 {main}
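As an added example (not code from this thread, from Magento or from the Amasty extension), here is a small Python triage script for error reports in the layout posted above. It splits each report into its URL / IP Address / Time / Error / query fields, flags the error-based probe signatures visible in the reports (UPDATEXML, /**/ used in place of spaces, hex literals, a trailing -- comment, a quote followed by OR/AS/WHERE), counts probes per source IP, and checks the point that actually matters for risk: whether the raw request URL, quote included, was embedded verbatim in the logged SQL, which is what the reports show. The report regex and the sample input (the first report above with its trace trimmed, plus a benign one) are constructed for this example.

```python
import re
from collections import Counter

# Layout of the Magento error reports posted above; the trace is discarded.
REPORT_RE = re.compile(
    r"URL: (?P<url>\S+) IP Address: (?P<ip>\S+) Time: (?P<time>.+? GMT) "
    r"Error: (?P<error>.*?)(?:, query was: (?P<query>.*?))?(?: Trace:.*)?$", re.S)

# Signatures of the error-based MySQL probe seen in the reports (for detection only).
SQLI_MARKERS = {
    "updatexml": re.compile(r"\bUPDATEXML\s*\(", re.I),
    "comment_as_space": re.compile(r"/\*\*/"),            # /**/ in place of spaces
    "hex_literal": re.compile(r"0x[0-9a-f]{6,}", re.I),    # CONCAT(0x..) delimiters
    "trailing_comment": re.compile(r"--(?:/\*\*/|\s|$)"),  # rest of statement commented out
    "quote_breakout": re.compile(r"""['")]\s*(?:/\*\*/|\s)*(?:OR|AND|AS|WHERE)\b""", re.I),
}

def parse_report(text):  # -> dict of url/ip/time/error/query, or None if it does not match
    m = REPORT_RE.search(text)
    return m.groupdict() if m else None

def sqli_indicators(url):
    """Sorted names of the probe signatures present in a request URL."""
    return sorted(name for name, rx in SQLI_MARKERS.items() if rx.search(url))

def url_reached_sql_unescaped(url, query):
    """True when the raw URL, quote and all, sits verbatim inside the logged SQL (concatenated, not bound)."""
    return bool(query) and url in query

def triage(reports):
    """Return (probe count per source IP, findings per flagged report)."""
    per_ip, findings = Counter(), []
    for r in filter(None, map(parse_report, reports)):
        indicators = sqli_indicators(r["url"])
        if indicators:
            per_ip[r["ip"]] += 1
            findings.append({"ip": r["ip"], "time": r["time"], "indicators": indicators,
                             "unescaped_in_sql": url_reached_sql_unescaped(r["url"], r["query"])})
    return per_ip, findings

# Constructed sample: the first report above with its trace trimmed, plus a benign one.
PROBE_URL = ("http://www.mysitedomain.com/blog/tag/1'/**/OR/**/UPDATEXML(3246,CONCAT(0x2e,"
             "0x716b787a71,(SELECT/**/(ELT(3246=3246,1))),0x7170786271),9487)--/**/Mkct")
SAMPLE_REPORTS = [
    f"URL: {PROBE_URL} IP Address: 93.103.9.93 Time: 2016-10-02 09:01:51 GMT Error: "
    "SQLSTATE[42000]: Syntax error or access violation: 1064, query was: SELECT `e`.`scope`, "
    f"`e`.`scope_id` FROM `core_config_data` AS `e` WHERE ('{PROBE_URL}' LIKE "
    "CONCAT(value,'%') and path LIKE 'web/unsecure/base_url') Trace: #0 ... {main}",
    "URL: http://www.mysitedomain.com/blog/tag/summer IP Address: 10.0.0.5 Time: "
    "2016-10-02 09:02:00 GMT Error: SQLSTATE[42000]: unrelated, query was: SELECT 1",
]
```

A report whose finding has unescaped_in_sql set is the one to act on: it shows the request value reaching the database without escaping, so the fix belongs in the extension's query building, not only in blocking the URL pattern.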
SQL injections are possible.
And obviously magereport cannot detect it, because they only check for some known exploits.
Just keep everything up to date. Upgrade your blog extension.
Add this type of URI args to an .htaccess rule to deny it.
Thank you for your reply. So I can assume that these injection attempts are quite common?
As said, we have the latest version; do you think that this attack is not dangerous? Can you advise how to verify whether there was an injection?
I was reading about blocking such args in .htaccess for Magento and it is not a best practice, because it can prevent Magento from working normally, or don't you think so?
Sorry for some beginner questions, but we are quite new to such SQL injections/hacks.
I'm getting similar issues today from Sucuri monitoring.
old/includes/src/Nwdthemes_Revslider_Helper_Framework.php | php.spam-seo.injector.128 |
old/app/code/community/Nwdthemes/Revslider/Helper/Framework.php | php.spam-seo.injector.128 |
Any suggestions or should I whitelist it?