> Person or persons unknown keep calling the go_qwerty.php and putting full
> URLs as the ?page reference. These pages are from a variety of sites but
> always refer to an identical looking page:
This special attack should not apply.
First thing that comes to my mind is, that page=@example.org might be usable
to direct to another server, which could be used for fishing etc.