forum.coppermine-gallery.net

Support => cpg1.4.x Support => Older/other versions => cpg1.4 miscellaneous => Topic started by: NoviceScotty on April 12, 2008, 01:44:48 pm

Title: My coppermine 148 has been taken over by a virus -any help appreciated
Post by: NoviceScotty on April 12, 2008, 01:44:48 pm
Hi everyone -

I have been using cpg148 (which I assume is version 1.48?) for some years now, without any problems.

However last week (9th April or so) the formatting went wrong - instead of 12 thumbnails on a page and a link to the next page, I had only one per page, but could only access pages 1 or 13.

Then I noticed that the site was trying to execute a php page on an external web site, and when I looked at the files, an extra line had been appended to about 66 files. This line contained php echo iframe executing a php script on an external web site.

So, my questions:
Is this a known php/sql hack, or has someone got access to my passwords?
(I've changed them all anyway, but I'm worried that someone has hacked the computer I use to manage the web page)
It does appear (see below) that someone uploaded a jpg with malicious code

What can I do to stop this happening again? Is there some sort of security patch that I need?

I'd appreciate any help anyone can give me

Thanks

In case anyone else has the same problem, the files affected are mainly the php files, with index.html files in each directory that might be new, but one jpg in my first album is actually a php file that looks as if it does nasty stuff.
If anyone is interested, I can send this file for analysis - it is full of stuff like
path = $_SERVER DOCUMENT_ROOT array_push dirs path

Also, I can give you the address of the site that it's redirected to, if anyone knows how to find out who's behind it!
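
For anyone auditing a gallery after the symptoms described in the post above, a defensive scan for the two patterns it reports: image-named files that are really PHP, and PHP files whose last line echoes an iframe. This is an added example, not part of the original post and not Coppermine code; the regex for the appended line, the file names and the `example.invalid` URL are assumptions built from the post's description.

```python
import re
import tempfile
from pathlib import Path

IMAGE_EXT = {".jpg", ".jpeg", ".gif", ".png"}
MAGIC = (b"\xff\xd8\xff", b"GIF87a", b"GIF89a", b"\x89PNG\r\n\x1a\n")
# Assumed shape of the appended line: PHP that echoes an <iframe> tag.
IFRAME_ECHO = re.compile(rb"echo\b.*<iframe\b", re.I)

def disguised_image(data):
    """Image-named content that lacks an image signature or carries a PHP open tag."""
    return not data.startswith(MAGIC) or b"<?php" in data.lower()

def appended_iframe(data):
    """True when the last non-empty line of a PHP file echoes an iframe."""
    lines = [line for line in data.splitlines() if line.strip()]
    return bool(lines) and bool(IFRAME_ECHO.search(lines[-1]))

def scan(root):
    """Return (relative path, reason) pairs for files matching either pattern."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        data, ext = path.read_bytes(), path.suffix.lower()
        rel = path.relative_to(root).as_posix()
        if ext in IMAGE_EXT and disguised_image(data):
            hits.append((rel, "image extension but PHP or non-image content"))
        elif ext == ".php" and appended_iframe(data):
            hits.append((rel, "last line echoes an iframe"))
    return hits

def demo():
    """Scan a small constructed tree (samples are made up, not from the affected site)."""
    iframe = b"<?php echo '<iframe src=\"http://example.invalid/x.php\"></iframe>'; ?>\n"
    files = {
        "index.php": b"<?php\ninclude 'init.inc.php';\n?>\n",
        "thumbnails.php": b"<?php\nshow_thumbs();\n?>\n" + iframe,
        "albums/a/real.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32,
        "albums/a/fake.jpg": b"<?php $path = 'x'; ?>",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in files.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return scan(root)

if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Point `scan()` at a copy of the web root; comparing the flagged PHP files against a clean copy of the same release shows exactly which lines were added.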
 
Title: Re: My coppermine 148 has been taken over by a virus -any help appreciated
Post by: steveeh131047 on April 12, 2008, 01:49:44 pm
There's a long thread dealing with this problem:
http://forum.coppermine-gallery.net/index.php/topic,51671.0.html
Don't fall so far behind with your upgrades next time - before the recent problem the up-to-date version was 1.4.16!