Warning your browser does not accept script's cookies Warning your browser does not accept script's cookies
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Warning your browser does not accept script's cookies

Started by dalyjgf, September 14, 2009, 03:05:00 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

dalyjgf

September 14, 2009, 03:05:00 AM
Hi Guys, I know that this has appeared loads of times, but I have gone through all the entries on the forum for the past couple of hours and been unable to get it to work.

The website is https://www.tryskirmishing.com/gallery/login.php?referer=index.php

I've adjusted all the profiles on Mozilla and IE but to no effect, basically I can enter the correct username and password, but it says it's acccepted it, but then doesn't open it to allow me to add more photos.

Your help would be severly welcomed!!

Many thanks.

onthepike

#1
September 14, 2009, 03:26:15 AM
<!--Coppermine Photo Gallery 1.4.2 (stable)-->

:o

Without going into any investigating, running such an outdated version of CPG is almost assured you have been hacked. Please follow these steps and report back.

Joachim Müller

#2
September 14, 2009, 04:17:44 PM
Firefox/Google even reports that site as malicious, so yes: that site was hacked. Reason: reluctance to upgrade for nearly 4 four years. As suggested, you need to sanitize your site thoroughly, preferably from a clean backup.

dalyjgf

#3
September 14, 2009, 06:25:39 PM
Thanks Joachim, I reinstalled over the existing installation and it cleared the problem, but when I logged in it gave loads of warnings about a register that was set on.  I changed the version of SQL I was using and this resolved it.  Thanks again.

Joachim Müller

#4
September 16, 2009, 01:06:24 PM
Quote from: dalyjgf on September 14, 2009, 06:25:39 PM
Thanks Joachim, I reinstalled over the existing installation and it cleared the problem, but when I logged in it gave loads of warnings about a register that was set on.  I changed the version of SQL I was using and this resolved it.  Thanks again.
That's no sanitization - that's just igoring what I have said and posted. So if you're happy with that, go ahead and ignore our advice. But don't come running if you get re-infected. Installing over an existing solution is just silly. Changing the mySQL version will not have an impact on the register_globals message that you probably got. You're just posting nonsense or you're doing nonsensical things that are not related. I couldn't care less, but just want to point this out to others who are looking for help on similar issues: guys, don't do what dalyjgf claims to have done. It just doesn't make sense. In fact, it's just nonsense.

Do exactly as suggested in Yikes, I've been hacked! Now what?
Any other advice is crap, sorry.
Print
Go Up Pages1
User actions