Showing results for tags 'security'.

Found 3 results

  1. The third party Open Flash Chart script that is used within phpVMS has an exploit that has been used recently and often to deface and/or alter sites using the phpVMS software. I have cleaned 11 of my client's sites in the last 36 hours. Although some sites have been obviously defaced with homepages replaced, some have had advertising scripts uploaded to redirect users to various companies.

     An example of a defacement today -> http://hack-db.com/787962.html

     The exploit is explained here -> http://www.exploit-d...exploits/10532/

     WHAT TO LOOK FOR: if you have a folder in /core/lib/ that is called "tmp-upload-images", your site has been compromised. Inside that folder can be a number of files, but the one that gets everything started is .wp-moon.php

     I have also found these in that folder:

       • 1.php
       • e.php
       • er.php
       • tb.php

     If this folder is present, start looking in the root of your site for files possibly called:

       • 0zie.html
       • index.html - if you had one previously, check the date of the last change, it may have been overwritten
       • agg.html - an advertising script for ugg boots.....
       • cst.html
       • sto.html
       • unc.html

     What do I do now?

     Delete the entire folder "tmp-upload-images" and remove any other suspicious files from the root of your site. Review ANY file that you do not recognize or has a last changed date similar to those in the "tmp-upload-images" file.

     Delete or rename the folder /core/lib/php-ofc-library

     The script(s) that are being used in this exploit are within this folder. This will cause all of the flash charts on the site to no longer function, but all other functionality should remain as it was.

     NOTE: There is a school of thought that the only file that is being exploited is the "ofc_upload_image.php" file within the "php-ofc-library" folder. You can try to delete just this file and your charts will still function, but there may still be a vulnerability and I would watch your directory tree for a while.

     In all the sites I have cleaned today I have not found any evidence of any database intrusion or data loss. I would still HIGHLY recommend that if you have found any of these items on your site to change all your passwords associated with the site as soon as possible. This includes the database password that phpVMS uses, emails use, and web panel admin access passwords.

     Nabeel has been made aware of this and is researching a patch at this time.

     Update 1 - http://forum.phpvms.net/topic/16288-notice-open-flash-chart-exploit/#entry82657

     Update 2 - http://forum.phpvms....__20#entry82672
  2. I've finished a little code snippet for everyone. I was prompted to create this in regards to a particular individual that posted someone else's phpVMS skin. Well, the only way this person got this was either through the Firefox Firebug plugin, or just plain hacked it (the code source, that is). Easy to do nowadays, so here, this is for everyone, and is really simple, short and to the point.

     This will protect against a right click to view the page source, if you put this into the layout.php page and/or the frontpage_main.php "anywhere", and of course this can be used anywhere you want. And it IS HTML compliant!! Period. php, htm, html, xml, and xhtml.

     Bottom line: photos, YOUR HARD WORK, can't get skyped right out of the gate. It works for us, hope ya all can put it to good use.

     Thanks, Jim "Jungle"

     Copy and paste this into the head of the layout.php of the skin you are using for phpVMS. Again, it can be put all over the place if so desired; however, usually the layout.php file is the source of your site and the skin setup you have created.

         <!--protect site script , start code-->
         <script language=Javascript>
         var message="Copyright All Rights Reserved!";

         // Old Internet Explorer: button 2 is the right mouse button
         function clickIE4(){
           if (event.button==2){
             alert(message);
             return false;
           }
         }

         // Netscape-style browsers: which 2 or 3 is the middle or right button
         function clickNS4(e){
           if (document.layers||document.getElementById&&!document.all){
             if (e.which==2||e.which==3){
               alert(message);
               return false;
             }
           }
         }

         // Hook the mouse-down handler that matches the browser
         if (document.layers){
           document.captureEvents(Event.MOUSEDOWN);
           document.onmousedown=clickNS4;
         }
         else if (document.all&&!document.getElementById){
           document.onmousedown=clickIE4;
         }

         // Show the message instead of the context menu
         document.oncontextmenu=new Function("alert(message);return false")
         </script>
         <!--end protect script-->

     Feel free to visit any of my sites, working demos at: http://heritage-va.net/hva and as usual, I will be MORE THAN HAPPY to answer you guys with questions. Give me time though, I am 100% disabled, to answer, sorry (war vet). But I will answer as quick as possible.

     May God Speed, and see ya all in duh Air!
  3. MySQL Security Hole in phpVMS

    There is a security hole affecting ALL versions of phpVMS. The security hole affects Auth.class.php and can be exploited via the login form. I have submitted a pull request on GitHub, and I suggest a patch is released ASAP.
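
A check for the indicators listed in the first result above (the Open Flash Chart post), as an added example that is not part of the original posts. The paths and file names are the ones that post gives; `scan_phpvms`, `make_sample_tree` and `SCAN_HITS` are names made up here.

```shell
#!/bin/sh
# Added example (not from the post): checks a phpVMS web root for the
# indicators the post lists. Paths are relative to the phpVMS install.

scan_phpvms() {
    root=$1
    hits=0
    drop="$root/core/lib/tmp-upload-images"
    ofc="$root/core/lib/php-ofc-library"

    # The folder the post gives as the sign of compromise.
    if [ -d "$drop" ]; then
        echo "COMPROMISED: $drop"
        hits=$((hits + 1))
        # find (unlike a bare glob) also lists dotfiles such as .wp-moon.php
        find "$drop" -type f | sed 's/^/  dropped: /'
    fi

    # File names the post reports in the site root.
    for name in 0zie.html agg.html cst.html sto.html unc.html; do
        if [ -f "$root/$name" ]; then
            echo "SUSPICIOUS: $root/$name"
            hits=$((hits + 1))
        fi
    done

    # index.html may be legitimate; print its date for manual review.
    if [ -f "$root/index.html" ]; then
        echo "REVIEW DATE: $(ls -l "$root/index.html")"
    fi

    # Not an indicator, but the upload script the post names is still there.
    if [ -f "$ofc/ofc_upload_image.php" ]; then
        echo "EXPOSED: $ofc/ofc_upload_image.php still present"
    fi

    SCAN_HITS=$hits          # number of indicators found
    [ "$hits" -eq 0 ]        # exit status 0 only when the tree is clean
}

# Constructed sample tree for a dry run (hypothetical helper, not site data).
make_sample_tree() {
    mkdir -p "$1/core/lib/tmp-upload-images" "$1/core/lib/php-ofc-library"
    : > "$1/core/lib/tmp-upload-images/.wp-moon.php"
    : > "$1/agg.html"
    : > "$1/core/lib/php-ofc-library/ofc_upload_image.php"
}

if [ "$#" -gt 0 ]; then scan_phpvms "$1"; fi
```

Run it with the phpVMS web root as the only argument; a non-zero exit status means at least one indicator was found.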