Hacker on my Gallery Hacker on my Gallery
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Hacker on my Gallery

Started by LACA Rio, July 06, 2006, 07:16:36 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

LACA Rio

July 06, 2006, 07:16:36 PM Last Edit: July 09, 2006, 01:05:18 AM by GauGau
Hi,

How some hackers can include private albums in my gallery (1.3.5) if theres is no permission for that in the configuration setup?

thanks,

Luiz
Luiz Araujo

Nibbler

#1
July 06, 2006, 07:24:25 PM
What do you mean by 'include' ?

Sami

#2
July 06, 2006, 07:27:13 PM
check your gallery for xxx.php.rar files
he probable inject a shell to his/her personal gallery or one of public gallery and then ...
‍I don't answer to PM with support question
Please post your issue to related board

LACA Rio

#3
July 07, 2006, 07:57:54 PM
Thanks for help me.

Unfortunely, I have already been deleted the member...
He was registered on my gallery and (I don't know how) he post a personal and empty album.

Regards,

Luiz
Luiz Araujo

Joachim Müller

#4
July 08, 2006, 09:33:01 AM
To finally make sure that your gallery is safe against the rar vulnerability, upgrade to the most recent version of the cpg1.4.x series (currently cpg1.4.8). Make sure to edit the allowed document file types as suggested in the announcement thread.

LACA Rio

#5
July 08, 2006, 07:07:25 PM
Nice to hear from you Gaugau,

The guy upload a folder (chase) in the "albums/edit" folder of my gallery and then use it to make phishing.
Now, I upgraded to cpg 1.4.x series.

Regards,

Luiz
Luiz Araujo
Print
Go Up Pages1
User actions