Hack with a rarfile Hack with a rarfile
 

News:

CPG Release 1.6.28
added submissions from {406man}
cleaned up a few PHP (8.4) deprecations
fixed PHP deprecation in calendar
removed security vulnerability
(please upgrade when possible)

Main Menu

Hack with a rarfile

Started by Esel2k, October 30, 2006, 06:15:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Esel2k

October 30, 2006, 06:15:45 PM
Hey guys...

I'm using coppermine since 5 months now. today i had a filename called: "ly.php.rar" and when you click on it, it gave all the server and rcon informations so i deleted it....is there an update or is this problem already known?

greez

Esel2k

#1
October 30, 2006, 06:23:41 PM
here some informations more:

http://www.ucsbhillel.org/photos/albums/userpics/10006/ly.php.rar

This is the same file from an other galery. Username of this "very funny" guy is "toraq".

cu

Nibbler

#2
October 30, 2006, 06:29:52 PM
It's a well known vulnerability in old versions of Coppermine. That gallery is 1.3.3. If you keep your gallery up to date (1.4.10) then you won't have any problems.
Print
Go Up Pages1
User actions