PhotoPost Community - View Single Post

gnubittol · December 10th, 2005, 11:48 AM

"..image uploads and potentially opens a cross-site-scripting exploit. It has affected many web-based applications that allow image uploads..."

this is the description on Vbulletin.con at this thread:

http://www.vbulletin.com/forum/showthread.php?t=161721

on november, 2

My VBGallery is the last version... and BEFORE of this data....
Today I've found these files :

commands.php
common.php
system.php
time.php
.htaccess

al the files are created at the same time.... at 09.55am
the contents... NO COMMENT.

is it possible that this "malaware" are ulpoaded on my site via upload.php ?
( they are present only in the subdir of gallery... images users etc.. )

thanks in advance.

December 10th, 2005, 11:48 AM	#1 (permalink)
gnubittol Junior Member Verified Customer Join Date: Jun 2005 Posts: 15	Upload.php .... "..image uploads and potentially opens a cross-site-scripting exploit. It has affected many web-based applications that allow image uploads..." this is the description on Vbulletin.con at this thread: http://www.vbulletin.com/forum/showthread.php?t=161721 on november, 2 My VBGallery is the last version... and BEFORE of this data.... Today I've found these files : commands.php common.php system.php time.php .htaccess al the files are created at the same time.... at 09.55am the contents... NO COMMENT. is it possible that this "malaware" are ulpoaded on my site via upload.php ? ( they are present only in the subdir of gallery... images users etc.. ) thanks in advance.