hi marckd.
Have you enabled Protector?
It's a MUST module for the core from xoops.org like 2.0.14
And myAlbum-P always checks the uploaded files are valid or not.
Anyway, show the file to me with detail if you doubt me.
hi marckd.
Don't call cracker == "script kiddie" as "Hacker" please.
Hacker is a honorific title.
And my module is named myAlbum-P instead of "myAlbum".
Quote:
Protector? what is that and where do I enable it?
sigh...
Quote:
this was the only way to upload files, and so my first thought about the hack
You should know, a cracker can make files as he like via some vulnerable codes.
The feature of uploading is unrelated.
And, myAlbum-P always put uploaded files (number).(ext) like 1.jpg
You should check all modules you use.
In fact, There are too many vulnerable modules in xoops.org
0k, sorry again for the wrong terms
Quote:
In fact, There are too many vulnerable modules in xoops.org
is there a way to know this? a list maybe or some way to check vulnerabilities?
thanks again
Quote:
Quote:In fact, There are too many vulnerable modules in xoops.org
is there a way to know this? a list maybe or some way to check vulnerabilities?
Only skilled programmers/hackers can do that.
As far as I know, all code checkers for PHP are useless.