In following my site's traffic, I've noticed persistent attack attempts by bots specifically targeting the sitemap. The user agent is almost always libwww-perl/5.805. The bots typically reference a php instruction that has been uploaded onto someone else's site in a text file. The code on the text file is what the bot attempts to inject into the form on the target page (i.e. the admin login).
Here is a generic example of an attempt:
XML-SITEMAPS, of course, creates an admin login page, but not at the location of the XML file that is generated.
Are there are any known security issues with these types of attacks?