Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: possible security issue  (Read 1838 times)

0 Members and 1 Guest are viewing this topic.

Beekeeper

  • Coppermine novice
  • *
  • Country: 00
  • Offline Offline
  • Posts: 38
possible security issue
« on: November 24, 2011, 12:20:52 am »

I upgraded to cpg1.5 a couple of weeks ago
Other than myself as Admin there is one registered user who is known to me.
This evening I received this email

This email was sent at 2011-11-23 21:50:38 using the contact form at http://www.mareham-le-fen.co.uk/photo/contact.php from the IP address 109.73.68.18

The guest named «tpyrnpovod» with the email address hdrjdw@hnkvzi.com said:
bVimgc <a href="http://pfbajozeyuzq.com/">pfbajozeyuzq</a>, ialmlcbkdgqd, [link=http://xhwcofrgeosf.com/]xhwcofrgeosf[/link], http://avofsuwezjef.com/

obviously contact.php isn't visible on the webpage so the person must know the that there is a contact.php file in coppermine, Is this something I should worry about or is it just someone trying to prove how clever they are
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: possible security issue
« Reply #1 on: November 24, 2011, 12:28:11 pm »

obviously contact.php isn't visible on the webpage
Just have a look at Home > Contact ::)
Logged

Beekeeper

  • Coppermine novice
  • *
  • Country: 00
  • Offline Offline
  • Posts: 38
Re: possible security issue
« Reply #2 on: November 24, 2011, 03:44:32 pm »

Thanks for that,
For some reason I have never noticed the contact option on the home link, it was the message content that made me assume it could be a possible attack attempt of some discription,
My appologies for wasting your time
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: possible security issue
« Reply #3 on: November 24, 2011, 03:52:27 pm »

You can disable the contact form in the config, if you don't need it.


Additionally, please
tag your answer as "solved" by clicking on the "Topic Solved" button on the bar at the left hand side at the bottom of your thread.
Logged
Pages: [1]   Go Up
 

Page created in 0.022 seconds with 19 queries.