Author |
Message |
R5-T2
Nuke Soldier


Joined: Mar 17, 2009
Posts: 14
|
Posted:
Thu Mar 26, 2009 12:53 pm |
  |
I noticed every PM ever sent on our site is easily viewed by typing the pm.php directory location in a web browser. No registration is necessary.
Surely this is not supposed to work this way. |
|
|
   |
 |
Evaders99
Site Admin


Joined: Aug 17, 2003
Posts: 12482
|
Posted:
Thu Mar 26, 2009 7:34 pm |
  |
|
     |
 |
R5-T2
Nuke Soldier


Joined: Mar 17, 2009
Posts: 14
|
Posted:
Thu Mar 26, 2009 9:05 pm |
  |
|
   |
 |
Evaders99
Site Admin


Joined: Aug 17, 2003
Posts: 12482
|
Posted:
Thu Mar 26, 2009 11:33 pm |
  |
|
     |
 |
R5-T2
Nuke Soldier


Joined: Mar 17, 2009
Posts: 14
|
Posted:
Thu Mar 26, 2009 11:57 pm |
  |
It was sitting in the /html directory.
Typing MYWEBSITE.com/pm.php would show the entire history.
I moved it. Everything still works. |
|
|
   |
 |
Evaders99
Site Admin


Joined: Aug 17, 2003
Posts: 12482
|
Posted:
Fri Mar 27, 2009 6:02 pm |
  |
|
     |
 |
Slackervaara
Captain


Joined: Sep 13, 2003
Posts: 355
|
Posted:
Fri Mar 27, 2009 9:01 pm |
  |
I would guess that a hacker has uploaded pm.php to your site. Similar things happened to me when I used SpChat. Certain modules can be abused to upload things. |
|
|
   |
 |
R5-T2
Nuke Soldier


Joined: Mar 17, 2009
Posts: 14
|
Posted:
Sat Mar 28, 2009 8:19 am |
  |
Could be. One thing is certain. It was put there intentionally by someone. |
|
|
   |
 |
moshxsoft
Nuke Cadet


Joined: Sep 03, 2008
Posts: 6
|
Posted:
Wed Sep 16, 2009 7:02 am |
  |
|
    |
 |
kbgus
Premium


Joined: Jul 17, 2003
Posts: 49
|
Posted:
Thu Sep 24, 2009 6:58 pm |
  |
I know this is a little late, but for future reference:
Check with your web host - this looks like a server security issue. Also check your web logs. |
_________________ Software is like sex: It's better when it's free. (Linus Torvalds)
http://nukeSEO.com - PHPNuke SEO Search Engine Optimization, professional tools for PHP-Nuke |
|
    |
 |
Slackervaara
Captain


Joined: Sep 13, 2003
Posts: 355
|
Posted:
Thu Sep 24, 2009 9:18 pm |
  |
When you look in your access logs, search them for pm.php and you may easily find how the hacker uploaded it. |
|
|
   |
 |
|
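Added example, not part of the thread and not any poster's code: a sketch of the access-log search suggested above. It finds the first time pm.php was served, the last failed request before that, and the write requests the same client made shortly beforehand. The log lines, IP addresses and the `ExampleModule` upload URL are constructed for illustration, and Apache common/combined log format is assumed.

```python
import re
from datetime import datetime, timedelta

# Prefix of the Apache common/combined log format (assumed format).
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

# Constructed sample log: documentation IP ranges, hypothetical module name.
SAMPLE_LOG = """\
198.51.100.7 - - [20/Mar/2009:10:01:12 +0000] "GET /index.php HTTP/1.1" 200 5120
203.0.113.9 - - [20/Mar/2009:10:02:40 +0000] "GET /pm.php HTTP/1.1" 404 310
203.0.113.9 - - [20/Mar/2009:10:03:05 +0000] "POST /modules.php?name=ExampleModule&op=upload HTTP/1.1" 200 812
203.0.113.9 - - [20/Mar/2009:10:03:20 +0000] "GET /pm.php HTTP/1.1" 200 48213
192.0.2.44 - - [21/Mar/2009:08:15:00 +0000] "GET /pm.php HTTP/1.1" 200 48990
this line is malformed and must be skipped
"""

def parse(log_text):
    """Yield one record per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["time"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield rec

def triage(log_text, target="/pm.php", window=timedelta(hours=1)):
    """Locate the first successful request for `target`, the last failed one
    before it, and POST/PUT requests by the same client in the prior window."""
    recs = sorted(parse(log_text), key=lambda r: r["time"])
    hits = [r for r in recs if r["path"].split("?")[0] == target]
    ok = [r for r in hits if r["status"].startswith("2")]
    if not ok:
        return None  # the file was never served according to this log
    first = ok[0]
    misses = [r for r in hits if r["time"] < first["time"]]
    writes = [r for r in recs if r["ip"] == first["ip"]
              and r["method"] in ("POST", "PUT")
              and first["time"] - window <= r["time"] < first["time"]]
    return {"first_ok": first, "last_miss": misses[-1] if misses else None,
            "clients": sorted({r["ip"] for r in ok}), "prior_writes": writes}

if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    print("first served:", r["first_ok"]["ts"], "to", r["first_ok"]["ip"])
    for w in r["prior_writes"]:
        print("write before it:", w["ts"], w["method"], w["path"])
```

The gap between `last_miss` and `first_ok` bounds when the file appeared; if no write request falls inside it, the file probably arrived by another route (FTP, a shared-host neighbour), which is where the web host's own logs come in.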