Hack with a rarfile Hack with a rarfile
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Hack with a rarfile

Started by Esel2k, October 30, 2006, 06:15:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Esel2k

Hey guys...

I'm using coppermine since 5 months now. today i had a filename called: "ly.php.rar" and when you click on it, it gave all the server and rcon informations so i deleted it....is there an update or is this problem already known?

greez

Esel2k

here some informations more:

http://www.ucsbhillel.org/photos/albums/userpics/10006/ly.php.rar

This is the same file from an other galery. Username of this "very funny" guy is "toraq".

cu

Nibbler

It's a well known vulnerability in old versions of Coppermine. That gallery is 1.3.3. If you keep your gallery up to date (1.4.10) then you won't have any problems.