[pmwiki-users] action=upload hacked ???

Christophe David pmwiki at christophedavid.org
Fri May 4 14:46:01 CDT 2007


>
> Is the root directory of the field writable?  If so, it shouldn't be.



It is indeed.  Will change that.


That still doesn't explain where the files are coming from,
> but I suspect it's not as a result of the uploads capability.
>
> >    I would appreciate it if someone would report a similar experience
> and
> >    share his findings, or suggest a particular cookbook or combination
> of
> >    settings that would allow the creation of these files.
>
> Perhaps you could help us narrow things down by letting us know
> what recipes and/or settings you're using...?



Here we go...

ActionLog.php
authuser.php
charts.php
emenu.php
enablehtml.php
e-protect.php
expirediff.php
FlashMindMap.php
includeSite.php
pmwiki2pdf.php
postitnotes.php
rssdisplay.php
searchterms.php
sourceblock.php
stylepage.php
VisitorsLogging.php


Unfortunately, the accesslog retention period is such that I missed the
lines for the moment these files were created.

I intend to check for the existence of such files more often and try to find
in the access log which page/action was used.

Christophe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20070504/dfadd535/attachment-0001.html 


More information about the pmwiki-users mailing list