Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: Urgent- safety issues  (Read 2358 times)

0 Members and 1 Guest are viewing this topic.

Edis

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Urgent- safety issues
« on: June 27, 2006, 03:12:26 pm »
in advance... mine english is bad.
I have problem with my CP gallery, and it looks like permissions alowed people to regain control over gallery, and o modify permissions, puting some script in users albums.
I found one such script in one of the user albums, and delete it, but.. I can not delete it somehow. So I rename it, and put other permissions on it.
24 hours later, I found some kind of backdoor, php file in one of the user albums (I am sure that user did not upload this) and with that file you can do what ever you want with gallery: change permissions, upload files, find out passwords, see permissions on folder end even edit index.php and other php. files in gallery.

So.. I have this script on my PC now, I delete it TWICE from my server, and I really don know what to do now.
Is there anybody from Coppermine support to whom i can send this php file? Anybody had this problem?
Logged

Nibbler

  • Guest
Re: Urgent- safety issues
« Reply #1 on: June 27, 2006, 06:50:41 pm »
Make sure you are running the latest version of Coppermine.
Logged

natalina

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Female
  • Posts: 96
    • Interior & Architecture
Re: Urgent- safety issues
« Reply #2 on: June 29, 2006, 07:45:18 am »
The same problem (version 1.48) Just have post about it at upgrade board... :-[
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.016 seconds with 19 queries.