Topic: MALWARE removal (Read 2146 times)

allvip · « **on:** March 31, 2014, 11:44:33 am »

6Scan suggested to add a code for every malware found to thumbnails.php and displayimage.php to manually fix the malware.

Did I do the right way?Is the malware still on my gallery?

allvip · « **Reply #1 on:** March 31, 2014, 12:11:50 pm »

I asked the host to reset my acoount the way it was before I sign up with them.
I have the gallery in my pc with the files when everything was fine.I will reupload.

gmc · « **Reply #2 on:** March 31, 2014, 01:44:24 pm »

For these 'vulnerabilities', 6scan isn't seeing Coppermine's use of Inspekt - which is used to sanitize all input from $_REQUEST variables (includes $_GET' $_POST, etc...)

The suggested change won't hurt, but the contents of $_GET['cat'] is validated by calls to Inspekt..
See the usage of 'supercage' and validations like 'getINT' that insure the variable contains only an integer (and not SQL injection....)

Αndré · « **Reply #3 on:** March 31, 2014, 02:42:18 pm »

I don't recommend to use websites that just list each parameter they can find as possible vulnerability. Cheeky way to earn money IMHO.

News:

Author Topic: MALWARE removal (Read 2146 times)

allvip

MALWARE removal

allvip

Re: MALWARE removal

gmc

Re: MALWARE removal

Αndré

Re: MALWARE removal