Andrew's quick action this morning caught a hacker on one of my customer's domains who had compromised a Coppermine Gallery script to send spam. My customer has version 1.4.1, where the Coppermine site shows 1.4.12 (not sure if that's iteration 12 of version 1.4, or iteration 2 of 1.4.1). The hacker was able to use the upload feature of Coppermine to upload an executable.
The site is suspended, and I'll be upgrading the script tonight. Could this be a simple configuration item, where the customer has allowed any kind of file to be uploaded? Or is this a vulnerability of Coppermine?
The site is suspended, and I'll be upgrading the script tonight. Could this be a simple configuration item, where the customer has allowed any kind of file to be uploaded? Or is this a vulnerability of Coppermine?
Comment