Is there a way for a hacker to get in through a hole in the msql data base Is there a way for a hacker to get in through a hole in the msql data base
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Is there a way for a hacker to get in through a hole in the msql data base

Started by halfpint, August 31, 2007, 01:02:03 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

halfpint

Hi my website has been hacked twice now first they deleted the whole website now today they deleted the index page
My server host sent me this "but keep in mind if your scripts have SQL injection or other vulnerabilities this isn't something we can really actively scan for. You'll need to keep any scripts and/or CMS systems you have installed updated to the latest versions."

I have coppermine v1.4.10 with no mods or bridges

Is there a way that a hacker can get into my public_html folder and delete all my files using a hole in the coppermine sql script, If there is, is there a patch for this

regards



Hein Traag

QuoteI have coppermine v1.4.10 with no mods or bridges

Coppermine 1.4.12 is the stable and secure version. You have to update because 1.4.10 had some security issues.
Upgrading a.s.a.p. should put a stop to annoying hackers as wel.

Read this to know what has changed: http://forum.coppermine-gallery.net/index.php?topic=44924.0

halfpint

ok thanks will this upgrade the current version i have with no problems as the version i installed was from fantastico on my server host

regards

Hein Traag

 ;D Search for Fantastico on this board to find out how much it is not liked at all.

Your better off doing a fresh install instead of updating the fantastico installation. Save your db before doing so.

halfpint

oh no i hate it when people say that, :) This means trouble for me o how i hate scripts

I think i will talk to the tech guys on my server before i install the upgrade

Thanks for all your help it is appreciated :)

Joachim Müller

Don't make your techs perform the upgrade for you. Performing the upgrade is extremely easy, you don't need to know nor understand scripts. Just read the upgrade section of the docs and do exactly as suggested there.