Register Log In

UBB.threads PHP Forum Software Community Forums UBB.threads 7 Version 7 Support Are there any know security (Malware injections) holes in 7.2.2

Print Thread

Hop To

Are there any know security (Malware injections) holes in 7.2.2 #229464 09/25/2009 5:35 PM
Joined: Feb 2006 Posts: 24 M mswlogo_ newbie
mswlogo_ newbie M Joined: Feb 2006 Posts: 24	I've been struggling with malware iframe injections into html and php scripts on my web site. The attacker knows to inject into files like header.php in the includes directory. The file protections ARE locked down. In fact I have it so locked down I have difficulties doing normal duties myself and have to relax protection then restore it after I'm done (like on header.php. The Hacker can even change protection on files !!! Finally I locked PHP from being able to write any files. And no more attacks. The only PHP code I have is UBB Forum 7.2.2 !!! The hosting company (host excellence) has a scanner script that gives warnings in tons of UBB php files. Like those at the bottom. Note sure if this is a valid warning or not. Things are otherwise running smooth but I'll upgrade to latest version if known security issues are fixed. FYI Found eval( in mydomain.com/ubbthreads/importers/classic_import.phpskip: '\t@eval( $g_file );' FYI Found eval( in mydomain.com/ubbthreads/importers/classic_import.phpskip: '\t\t @eval( $hits_file );' FYI Found eval( in mydomain.com/ubbthreads/importers/classic_import.phpskip: '\t@eval( $mods_file );'

Entire Thread
Subject	Posted By	Posted
Are there any know security (Malware injections) holes in 7.2.2	mswlogo_	09/25/2009 9:35 PM
Re: Are there any know security (Malware injections) holes in 7.2.2	Rick	09/25/2009 11:08 PM
Re: Are there any know security (Malware injections) holes in 7.2.2	mswlogo_	09/26/2009 3:52 AM
Re: Are there any know security (Malware injections) holes in 7.2.2	Rick	09/26/2009 4:06 AM
Re: Are there any know security (Malware injections) holes in 7.2.2	TxConx	10/09/2009 1:32 AM
Re: Are there any know security (Malware injections) holes in 7.2.2	Rick	10/09/2009 1:54 PM
Re: Are there any know security (Malware injections) holes in 7.2.2	TxConx	10/09/2009 9:14 PM

Link Copied to Clipboard

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

Bots
by Outdoorking - 04/13/2024 5:08 PM

Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM

Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM

This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM

Is UBB.threads still going?
by Aaron101 - 04/01/2022 8:18 AM

Who's Online Now

2 members (Nightcrawler, Ruben), 524 guests, and 148 robots.

Key: Admin, Global Mod, Mod

Random Gallery Image

Latest Gallery Images

Los Angeles

Los Angeles
by isaac, August 6

3D Creations

3D Creations
by JAISP, December 30

Artistic structures

Artistic structures
by isaac, August 29

Stones

Stones
by isaac, August 19

Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)