Support Forum

Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
plugins-topic
3rd Party injection in forum scripts
Avatar
charles121
Johannesburg, South Africa
Member
Free Members
sp_UserOfflineSmall Offline
Mar 6, 2012 - 8:50 am

good day mr. Pappa and Yellow Swordfish

 

today I found a possible injection or link to injection in one of the files - see below:

you need to pay for this cryptyou need to pay for this cryptyou need to pay for this crypt
Warning: Cannot modify header information - headers already sent by (output started at /xxxxx/xxxxxx/public_html/justmail.za.net/index.php:1) in /xxxxx/xxxxxx/public_html/justmail.za.net/wp-content/plugins/simple-press/sp-startup/site/sp-ahah-handler.php on line 21

 

(the above comes up on the wp forum admin page)

 

could you recommend any action to stop unwanted 3rd party injections or interventions?embarassed

 

kind regards

charles

Avatar
Yellow Swordfish
Glinton, England
SP Master
sp_UserOfflineSmall Offline
Mar 6, 2012 - 9:11 am

I think the first thing you perhaps need to do is look at the index.php file in the wp-admin folder to ensure it is correct.

I would also suggest that issues like this are not dealt with publicly - it is unwise to have pasted in the path from your server in the post for example. I will remove it for you. But perhaps we could move the discussion to a PM instead in case we need to talk about other sensitive items

andy-signature.png
YELLOW
SWORDFISH
Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1170
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 650
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Member Stats:
Guest Posters: 620
Members: 17366
Moderators: 0
Admins: 4
Forum Stats:
Groups: 7
Forums: 17
Topics: 10128
Posts: 79626