!!!!! IMPORTANT Secury Issue in the Upload file

[RonnyK]

PM,

what version of CMSMS are you using?
And what do you mean with "Upload file"? I'm no developer, I know uploads-module, but I am not sure if you mean the same.

Ronny

[RonnyK]

PM,

As far as I see is there NO upload file in the root of CMSMS. There is a folder called "uploads", where you store your uploads. Maybe one of the devs can say if there is such a file for some reason, but if the file "uploads" is there is looks like it is NOT CMSMS related. They might have put it there in another way, not through CMSMS at all.

Ronny

[cnymike]

I have had this happen to me as well. You are probably on a shared server, you probably have 777 permissions on the uploads folder and probably someone else on the shared server had some sort of vulnerability that was exploited thus enabling the hacker to basically poke and prod his way through the server until he could find a place to upload his payload.

There are numerous other threads that discuss this in the forum. Have you read any of them?

[tsw]

check the file creation date.

then check server logs from that time for any suspicious requests.

[reneh]

yeah - that should be good

[Pierre M.]

Hello,

A webmaster that i'v been in contact with told me that i could correct this if i desactivate the "proxy rebound"
If anyone can tell me more about this and give me urgent solutions?

What is this "proxy rebound" thing ?
Urgent response (for further reference) : copy logs, wipeout everything, reinstall from scratch with latest db backup and set up some URL filtering. Search my posts about filtering URLs.

Pierre M.