Coppermine 1.4.10 has been Hijacked Coppermine 1.4.10 has been Hijacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Coppermine 1.4.10 has been Hijacked

Started by yushan, January 06, 2008, 02:27:29 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

yushan

January 06, 2008, 02:27:29 AM Last Edit: January 06, 2008, 04:30:30 AM by Nibbler
Dear Support,
I just found out that my coppermine has been hijacked, everytime I receive an email notification of new user registration, it sends the notification to two emails, one is the admin email (my email ***@***.com) and the other one is the hijacker's email which is kevin082312@gmail.com
I checked the "Gallery administrator email" under config, it has only admin email listed.

Fyi, This is Coppermine Version: 1.4.10

Please help, how do I go about fixing this?

Thanks,
Jason

Nibbler

#1
January 06, 2008, 03:24:34 AM
Check in the user list for the extra admin account and delete it. Update your gallery - current version is 1.4.14.

yushan

#2
January 06, 2008, 04:21:56 AM
Thank you I appreciate it!!! it's fixed now, Phew..I am glad they did not mess up with anything else, they could have deleted pictures, tables etc...that could be really bad. It reminds me I need to make regular backups

Joachim Müller

#3
January 06, 2008, 07:19:15 PM
Keep you gallery (and all other scripts you use) up-to-date. I suggest scanning the site for potential backdoors as well.
Print
Go Up Pages1
User actions