Romsonic
Forum Replies Created
-
Forum: Plugins
In reply to: [W3 Total Cache] [Plugin: W3 Total Cache] W3 total cache and securityHey,
I found this topic after looking if W3 is possibly injected with code ?? I am getting these errors when running exploit scan:
plugins/w3-total-cache/lib/Microsoft/WindowsAzure/Credentials/CredentialsAbstract.php:111
$this->_accountKey = base64_decode($accountKey);
plugins/w3-total-cache/lib/Microsoft/WindowsAzure/Credentials/CredentialsAbstract.php:135
$this->_accountKey = base64_decode($value);
plugins/w3-total-cache/lib/Microsoft/WindowsAzure/Storage/Queue.php:467
base64_decode((string)$xmlMessages[$i]->MessageText)
plugins/w3-total-cache/lib/Microsoft/WindowsAzure/SessionHandler.php:150
return base64_decode($sessionRecord->serializedData);
plugins/w3-total-cache/lib/Minify/FirePHP.php:1035
* Javascript, and can be directly eval()’ed with no further parsing
plugins/w3-total-cache/lib/Nusoap/class.soapclient.php:711
eval($evalStr);
plugins/w3-total-cache/lib/Nusoap/nusoap.php:7020
return base64_decode($value);
I found this topic after looking for
Frederick could you please let me know if this is safe code or not?? Or is it safe to delete these lines?
Same here. But i think these are false positives. The pcache and minify works fine.