PhotoPost Community - View Single Post - PhotoPost 5.2 - I got hacked

Pauline Kenny · October 17th, 2005, 10:24 AM

HostRocket is telling me that the problem is with a vulnerable script - "a security flaw in a script installed on the account is used to add files in the same way that many scripts are designed to legitimately allow users to add/upload files". So, it seems that PhotoPost is blaming HostRocket and HostRocket is blaming PhotoPost.

Were there security problems with earlier versions of PhotoPost (I found some information about hacking PhotoPost on the web)? Could it have happened because I had old PhotoPost files on the server? When I upgraded the last few times, I did not delete the old files that were no longer used (they are gone now).

How should permissions be set on all the PhotoPost folders? I want to go through and check that.

October 17th, 2005, 10:24 AM	#12 (permalink)
Pauline Kenny Member Verified Customer Join Date: May 2003 Location: Santa Fe, NM Posts: 39	HostRocket is telling me that the problem is with a vulnerable script - "a security flaw in a script installed on the account is used to add files in the same way that many scripts are designed to legitimately allow users to add/upload files". So, it seems that PhotoPost is blaming HostRocket and HostRocket is blaming PhotoPost. Were there security problems with earlier versions of PhotoPost (I found some information about hacking PhotoPost on the web)? Could it have happened because I had old PhotoPost files on the server? When I upgraded the last few times, I did not delete the old files that were no longer used (they are gone now). How should permissions be set on all the PhotoPost folders? I want to go through and check that.