|
إنضمامك إلي منتديات استراحات زايد يحقق لك معرفة كل ماهو جديد في عالم الانترنت ...
انضم الينا
#1
| ||
| ||
Okay, here is what I know right now and am learning more as I go. I run 3.7.2 They uploaded a malicious file google.js which was sending people to a russian site. Then they uploaded two different files directly into the customavatar folder ./customavatars/adm.php One of those was a program called adminer 2.3.1 Screen shot: They also uploaded another file that I'm not sure what it does... it was ./customavatars/setting.php This one only has a password. I have removed all files but would like help in knowing where the vulnerabilities are!! I have removed the ability for people to upload custom avatars for the time being because I assume that is how this happened. Thoughts? __DEFINE_LIKE_SHARE__ |
مواقع النشر (المفضلة) |
| |