Upload.php ....

gnubittol · December 10th, 2005, 11:48 AM

"..image uploads and potentially opens a cross-site-scripting exploit. It has affected many web-based applications that allow image uploads..."

this is the description on Vbulletin.con at this thread:

http://www.vbulletin.com/forum/showthread.php?t=161721

on november, 2

My VBGallery is the last version... and BEFORE of this data....
Today I've found these files :

commands.php
common.php
system.php
time.php
.htaccess

al the files are created at the same time.... at 09.55am
the contents... NO COMMENT.

is it possible that this "malaware" are ulpoaded on my site via upload.php ?
( they are present only in the subdir of gallery... images users etc.. )

thanks in advance.

Zachariah · December 10th, 2005, 12:44 PM

There are not standard gallery files included with the install package.

Take a look @ FTP access logs on the webserver to see if those might of been files uploaded in the wrong folder durring a hack install. (draged and dropped in the wrong folder)

Quote:

al the files are created at the same time.... at 09.55am
the contents... NO COMMENT.

Your saying the the files content was "blank" or just had the text "NO COMMENT" ?

gnubittol · December 10th, 2005, 01:55 PM

Quote:

Originally Posted by Zachariah

There are not standard gallery files included with the install package.

I know....

Quote:

Originally Posted by Zachariah

Your saying the the files content was "blank" or just had the text "NO COMMENT" ?

No comment was for the content....for example... this is command.php

Code:

Content visible to verified customers only.

if you wonna I post all the contents of the othe files.....
but as you can read is not good... :|

gnubittol · December 11th, 2005, 02:46 PM

Bump...

KW802 · December 11th, 2005, 09:17 PM

Gnubittol, what exactly is the question? And have you deleted those files yet?

gnubittol · December 13th, 2005, 07:27 PM

Quote:

Originally Posted by KW802

Gnubittol, what exactly is the question? And have you deleted those files yet?

These files were "uploaded" in my web space Only in the folders with "777" chmod , and in the "Files" folder of vbgallery, of course, were presents.

the question is:
Is a bug of PHP or a bug of VBGallery?

These files was REMOVED immediatly from the server and I changed the permissions on all "777" folders NOW vbGalery is READ ONLY ( no upload is available) .....

TheLastMohican · November 7th, 2007, 03:42 PM

And this is still a problem, got exactly the same issue this evening.

Part of the installation manual says;

Now create a directory on your web server for PhotoPost. The directory needs to be accessible via the web. FTP PhotoPost's directories and files from your local machine to your server. The directory structure on your server should be as follows:

photopost
images (chmod 755)
uploads (chmod 777)
help (chmod 755)
data (chmod 777)
1 (chmod 777 - including subdirectories)
2 (chmod 777 - including subdirectories)
500 (chmod 777 - including subdirectories)
languages (chmod 755) (a
stylesheets (chmod 777)
templates (chmod 777)
forums (chmod 755)

So my questions now is, if i set data and uploads to 755 will i then not be able to upload anything in the photo gallery?

What can i do to prevent the photo gallery from being hacked?

I use PhotoPost 562

TheLastMohican · November 10th, 2007, 06:02 AM

No answer from any support people or developers here?

Can PhotoPost work if the data, uploads, templates are not set to 777? I would like to have an answer, thanks.

Ramses · November 10th, 2007, 06:06 AM

Maybe no response because you're in the wrong forum category, this is for vbgallery.