Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Album list & thumbnail views mysteriously changed  (Read 11319 times)

0 Members and 1 Guest are viewing this topic.

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Album list & thumbnail views mysteriously changed
« on: April 08, 2008, 10:07:49 pm »

I'm using 1.14.16 (upgraded yesterday)

Short time ago the thumb nail views on home page of my coppermine gallery had changed, also albums were not listed. I wondered if I had accidentally restored factory defaults by mistake, but the settings were not the defaults.

Examples are, 1 "most viewed" thumbnail across the page instead of 4, rows of thumbnails had been set to 1, levels of categories set to 1 and a few other minor alterations.

I changed back the settings in config & changed my coppermine password (I am the only admin)

I have searched to see if anybody had a similar problem.

Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

Nibbler

  • Guest
Re: Album list & thumbnail views mysteriously changed
« Reply #1 on: April 08, 2008, 10:13:39 pm »

Hmm, could be the same issue as http://forum.coppermine-gallery.net/index.php/topic,51693.0.html

Number of columns and number of tabs to display were set to 1 on that gallery. Did this happen before or after the update?
Logged

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #2 on: April 08, 2008, 10:18:50 pm »

(I should have said 1.4.16 in original post)


May have been the same problem, any idea of a cause?

Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #3 on: April 08, 2008, 11:18:13 pm »

Just had a look in the logs file at my host, didn't really know what I was looking for, but searched for "config" and noticed nearby there was mention of www. hacking-gps .com (purposely put a couple of spaces in)

This seems a strange sort of entry to see alongside references to config & I wondered if this was anything to do with the setup being altered?

It appeared several times and may have corresponded with the number of alterations made to the settings?
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

Nibbler

  • Guest
Re: Album list & thumbnail views mysteriously changed
« Reply #4 on: April 08, 2008, 11:21:30 pm »

Better to search for admin.php since that's the admin page.
Logged

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #5 on: April 08, 2008, 11:49:55 pm »

Better to search for admin.php since that's the admin page.
That crops up in many places, but I wouldn't really know what was valid use or not - so I'm not really much help.
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #6 on: April 09, 2008, 11:08:46 pm »

Sometime during the last couple of hours, the settings have changed again - e.g 1 thumbnail across the page instead of 2 etc.

Looks exactly the same as when it happened the first time:-

http://www.sharpos-world.co.uk/cpg/index.php
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #7 on: April 09, 2008, 11:11:36 pm »

Sometime during the last couple of hours, the settings have changed again - e.g 1 thumbnail across the page instead of 2 etc.

Looks exactly the same as when it happened the first time:-

http://www.sharpos-world.co.uk/cpg/index.php
Correction to that, 1 thumbnail instead of 4 across a page etc.
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #8 on: April 09, 2008, 11:43:42 pm »

Just checked the logs & this might be something to do with it......


195.5.117.252 - - [09/Apr/2008:22:29:40 +0200] "POST /cpg/admin.php HTTP/1.1" 200 7500 www.sharpos-world.co.uk "-" "User-Agent: Opera/9.27 (Windows NT 5.2; U; ru)" "-"
195.5.117.252 - - [09/Apr/2008:22:29:42 +0200] "POST /cpg/admin.php HTTP/1.1" 200 7500 www.sharpos-world.co.uk "-" "User-Agent: Opera/9.27 (Windows NT 5.2; U; ru)" "-"
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #9 on: April 10, 2008, 12:02:16 am »

It's me again. My upload boxes had been set to 0 as suggested elsewhere, but I have just found this which might have reset it, as one now reads 10

195.5.117.252 - - [09/Apr/2008:22:29:34 +0200] "POST /cpg/upload.php HTTP/1.1" 200 6925
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

Nibbler

  • Guest
Re: Album list & thumbnail views mysteriously changed
« Reply #10 on: April 10, 2008, 12:19:53 am »

Clean up your gallery and change your admin pass. Then disable all uploads from untrusted users.
Logged

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #11 on: April 10, 2008, 12:28:33 am »

Clean up your gallery and change your admin pass. Then disable all uploads from untrusted users.
Only me as admin can upload, that is the way it has always been. I changed the password after it happened the first time and to be safe all upload boxes were set at 0 earlier this evening.

I will change the password again & also set uploads to 0 again
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

Nibbler

  • Guest
Re: Album list & thumbnail views mysteriously changed
« Reply #12 on: April 10, 2008, 12:34:14 am »

Check for any additional admin accounts that may have been created by the attacker.
Logged

sharpo

  • Coppermine frequent poster
  • ***
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 326
Re: Album list & thumbnail views mysteriously changed
« Reply #13 on: April 10, 2008, 12:38:15 am »

Check for any additional admin accounts that may have been created by the attacker.
No others, just me
Logged
Sharpo (not an expert, just a Coppermine user)
3 live galleries, first started in 2006, all now 1.6.04.
http://www.sharpos-world.co.uk/BB3cpg/ (1.6.07)with over 8,000 images.
http://www.sharpos-world.co.uk/cpg/ with over 25,000 images
http://www.sharpos-world.co.uk/kc/ with over 300 images

lordprodigy

  • Coppermine frequent poster
  • ***
  • Offline Offline
  • Posts: 228
    • B514 ///
Re: Album list & thumbnail views mysteriously changed
« Reply #14 on: April 10, 2008, 02:50:09 am »

I have the exact same problem :(

www.b514.com/photos
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Album list & thumbnail views mysteriously changed
« Reply #15 on: April 10, 2008, 07:04:57 am »

Then the same piece of advise applies to you as well. You're running cpg1.4.4, while the most recent stable release currently is cpg1.4.16. You have been told in previous threads already that you need to upgrade, but you constantly ignore this. There is no other piece of advice for you except to upgrade. I'm not ready to discuss this even further. Again, you misbehave by hijacking someone else's thread...
Logged

lordprodigy

  • Coppermine frequent poster
  • ***
  • Offline Offline
  • Posts: 228
    • B514 ///
Re: Album list & thumbnail views mysteriously changed
« Reply #16 on: April 10, 2008, 03:58:14 pm »

Joachim,

Firstly, as in previous threads, you know very well why I have been postponing my upgrade. Secondly, I posted a note, and not a question or demand for support. I was simply indicating that I have the same problem, and that this might be more widespread issue, than an isolated 'reset value' incident. Sharpo is using 1.4.16 and I have 1.4.4, two quite different versions but same problem... Thats all.

Having said that, I find your hijacking accuse irrelevant.

Thanks as always.
Logged

shiftsrl

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 74
    • Apple Reseller
Re: Album list & thumbnail views mysteriously changed
« Reply #17 on: April 10, 2008, 04:47:53 pm »

This is the same issue happened to me

http://forum.coppermine-gallery.net/index.php/topic,51671.msg250586.html#msg250586

the gallery was hacked and I've discovered the problem because my view settings are changed. I don't know why but this happened two times from yesterday and the results, apart from the hack, was the changed settings...
Logged
Shift Srl
 *Link Removed*

lordprodigy

  • Coppermine frequent poster
  • ***
  • Offline Offline
  • Posts: 228
    • B514 ///
Re: Album list & thumbnail views mysteriously changed
« Reply #18 on: April 10, 2008, 05:10:42 pm »

Thank you very much Shiftsrl, I am reading that thread too.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Album list & thumbnail views mysteriously changed
« Reply #19 on: April 10, 2008, 11:08:17 pm »

@shiftsrl: don't!
Logged
Pages: [1]   Go Up
 

Page created in 0.025 seconds with 21 queries.