My site was hacked My site was hacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

My site was hacked

Started by eXess, May 29, 2007, 02:47:26 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

eXess

May 29, 2007, 02:47:26 AM
My site has been hacked twice this month, fortunately i've managed to recover it. How can I give you information to fix the possible exploit?
.

Joachim Müller

#1
May 29, 2007, 07:13:05 AM
If you have actually discovered a genuine bug/vulnerability in Coppermine itself, you're allowed to PM it to me. You could as well post it here publicly, since we don't believe in security by obscurity. If you have actually discovered a genuine vulnerability, we will come up with a fix asap.

eXess

#2
June 08, 2007, 08:53:05 PM
Well, I don't know where is the problem. Some guy is hacking my site and leaving dirty messages, accusing me. How can I discover where is the vulnerability ?
.

Nibbler

#3
June 08, 2007, 09:28:03 PM
Are you running the latest version of Coppermine and sure the attack is actually via Coppermine?

Joachim Müller

#4
June 09, 2007, 05:23:00 PM
Is the site in question http://portal.pazardjik.com/cpg/ (which is on cpg1.4.10)? If yes: when did you upgrade to cpg1.4.10? What do you actually mean by saying that your site got hacked? Did the attacker post comment spam? Did your site get defaced? Post screenshots of the defacement by attaching them to this posting (using "additional options" when composing your message). Your main site appears to be using PHP-Fusion: are you sure that it was actually Coppermine that got hacked? It's very likely that your portal got hacked instead.
Print
Go Up Pages1
User actions