Support » Fixing WordPress » index.php injection

  • Hi my wordpress installation it’s been hacked using php injection I think. I’ve discover this on the log:

    /index.php?p= HTTP/1.1″ 200 73443 “-” “libwww-perl/5.805”

    and list.txt is a file with php

    Any help?
    P.D. I’ve versiĆ³n 2.0.5 just updated

Viewing 2 replies - 1 through 2 (of 2 total)
  • 1. Check with your host – it may be that the server has been hacked through some other site!
    2. Check the file permissions on all your files and folders.
    3. Change your passwords.

    Moderator Peter Westwood


    WordPress Lead Developer

    I don’t see how this request could actually inject anything.

    The p query arg is the post id

    in WP::parse_query it is cast to int:

    wp-inclues/classes.php:93 $qv[‘p’] = (int) $qv[‘p’];

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘index.php injection’ is closed to new replies.