Forums list > Tech discussions > Avatar Upload Vulnerability - You may lost all your data!!!
Pages: [1]
Author Topic: Avatar Upload Vulnerability - You may lost all your data!!!  (Read 297 times)
pbog
Customers
Newbie
*

Karma: 0
Posts: 8
on: May 16, 11, 06:17 AM
Hi,

I've lost all my files on my hostgator account, not only the domain with the Pro Arcade website, but ALL (Joomla website, Wordpress and many others).

The problem is in the avatar upload script, it can be used to upload every file a user want.
In my case was uploaded a php shell software and my server files and all domains was deleted.

I ask Sergey to work in an script update to solve this dangerous vulnerability.

The DB is safe, so I ask if it is possible to have a script that retrieve all files (thumbs and swf), so I can return online without working for week to restore all...
Logged
Sergey
Administrator
Sr. Member
*

Karma: 7
Posts: 486


Email
Reply #1 on: May 22, 11, 06:01 AM
the solution is described in my thread created in February: http://www.proarcadescript.com/forum/index.php/topic,2049.0.html
Logged
Pages: [1]
 
Jump to: