Carlos Garcia Posted September 30, 2013 Report Share Posted September 30, 2013 Please patch your sites : QUOTE :"Hi Carlos Garcia,It's come to my attention that there is a nasty exploit for phpVMS that is out in the wild, and sites are getting hit with it. The exploit is not actually in phpVMS, but in a 3rd party library that's used for the charts. It allows the attacker(s) to write files to your server, and spam out from it.Currently the way to fix it is simple: delete the file in core/lib/php-ofc-library/ofc_image_upload.php. Also please make sure that you've deleted any suspicious files, some names include kill.php, contact.html, etc.If you have a tmp-upload-images in your core/lib folder, your server has been compromised.Please visit this thread and take a look at the possible files that have been uploaded.http://forum.phpvms.net/topic/16288-notice-open-flash-chart-exploit/I've removed the above file from the download links from phpVMSThanks, and sorry for any troubles!Nabeel-------------------------------------Handy Links-------------------------------------Community Address: http://forum.phpvms.net/index.phpLog In: http://forum.phpvms.net/index.php?app=core&module=global§ion=loginLost Password Recovery: http://forum.phpvms.net/index.php?app=core&module=global§ion=lostpass Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.