Novosti:

Aktualne Joomla! verzije: 3.10.11 i 4.2.6

Main Menu

banner

Autor erbi, 20. Travanj 2012, 12:17

0 Članovi i 1 Gost pregledava ovu temu.

erbi

Pozdrav!

Stavio sam baner (modul banners) i stavio ovako:
Citat:<a href={CLICKURL}>Klik da zaradite</a>
A danas je ovo projenjeno i vidi ovako:
Citat:<a href={CLICKURL}?phpMyAdmin=NDwUuHuEkpGsMJMEvXb21iIYiM8>Klik da zaradite</a>
Možda iko zna, šta se dešava?
Joomla je 2.5.4

Bernard [ExaByte]

Kao što ti je odgovoreno i na službenom Joomla Forumu, vrlo vjerojatno imaš instaliranu ranjivu ekstenziju. Nisi odgovorio/la.

Slijedi upute iz navedenog posta, te objavi odgovor tamo ili ovdje, da ti možemo dalje pomoći ...

erbi

Uradio sam ovaj FPA test i ne pokazuje ništa kritično. Pratim i "Vulnerable extension" a i tamo nije ništa takvog. Moj PC nema virusa, jer sam pretražio sa više antivirus programa, a niko drug ne dostupa u administraciju.
Gledao sam i backup baze, kojog radim svaki dan putem cron i primjetio, da je do ovog došlo isti dan, kad mi je hoster promjenio hosting.
Najprije sam imao hosting sa php 5.2.17, onda hoster uradi kopiju stranice i prebaci kopiju na php 5.3. Takvo je bilo par dana. Onda mi uradi sve zapise za www.mojastranica...... i kad je sve proradilo na starom hostingu obrisao stranicu.

A sad neznam šta ...

Bernard [ExaByte]

Citat: erbi  u 22. Travanj 2012, 22:06
Uradio sam ovaj FPA test i ne pokazuje ništa kritično. Pratim i "Vulnerable extension" a i tamo nije ništa takvog. Moj PC nema virusa, jer sam pretražio sa više antivirus programa, a niko drug ne dostupa u administraciju.
Gledao sam i backup baze, kojog radim svaki dan putem cron i primjetio, da je do ovog došlo isti dan, kad mi je hoster promjenio hosting.

To što ne ispiše ništa kritično ne znači da je sve u redu. Pogledaj opcije za FPA i koristi opciju da ispiše sve ekstenzije koje imaš instalirane, pa objavi u ovom postu.

Citat: erbi  u 22. Travanj 2012, 22:06
Najprije sam imao hosting sa php 5.2.17, onda hoster uradi kopiju stranice i prebaci kopiju na php 5.3. Takvo je bilo par dana. Onda mi uradi sve zapise za www.mojastranica...... i kad je sve proradilo na starom hostingu obrisao stranicu. A sad neznam šta ...

Promjena PHP verzije vjerojatno nije donijela ranjivost tvojem siteu (osim ako koristiš neku vrlo loše napisanu ekstenziju). Prije bi moglo biti da su zeznuli prava na datotekama...

erbi

Sa promjenom php se je je promjenio i host (drugi server, isti hoster).
Citat: Last PHP Error(s) Reported :: Forum Post Assistant (v1.2.0) : 22nd April 2012[size=85][13-Apr-2012 11:48:47] PHP Fatal error:  Class \'softpanel\' not found in /usr/local/softaculous/cron.php on line 73[/size]
Citat: Forum Post Assistant (v1.2.0) : 22nd April 2012
Citat: Basic Environment ::[size=85]Joomla! Instance :: Joomla! 2.5.4-Stable (Ember) 2-April-2012
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Read-Only (444) | Owner: radiobtest (uid: 10643/gid: 2523) | Group: psacln (gid: 2523) | Valid For: 1.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 1 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: N/A | Unicode Slugs: N/A | Database Credentials Present: Yes

Host Configuration :: OS: Linux |  OS Version: 2.6.18-238.12.1.el5.028stab091.1 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /var/www/vhosts/radio-bizjak.si/httpdocs | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.8 | PHP API: cgi-fcgi | Session Path Writable: Unknown | Display Errors:  | Error Reporting: 22517 | Log Errors To: /usr/share/php/php.log | Last Known Error: 13th April 2012 11:48:47. | Register Globals:  | Magic Quotes: 1 | Safe Mode:  | Open Base: .:/var/www/vhosts:/tmp:/usr/share/php:/var/cache/php-eaccelerator:/usr/share/pear:/var/lib/php/session | Uploads: 1 | Max. Upload Size: 50M | Max. POST Size: 50M | Max. Input Time: 600 | Max. Execution Time: 600 | Memory Limit: 128M

MySQL Configuration :: Version: 5.1.57-log (Client:5.1.57) | Host:  --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 4.38 MiB | #of _FPA_TABLE: 83[/size]
Citat: Detailed Environment ::[size=85]PHP Extensions :: Core (5.3.8) | date (5.3.8) | ereg () | libxml () | openssl () | pcre () | zlib (1.1) | bz2 () | calendar () | ctype () | hash (1.0) | filter (0.11.0) | ftp () | gettext () | gmp () | SPL (0.2) | iconv () | pcntl () | readline () | Reflection ($Revision: 313665 $) | session () | standard (5.3.8) | shmop () | SimpleXML (0.1) | sockets () | exif (1.4 $Id: exif.c 314376 2011-08-06 14:47:44Z felipe $) | tokenizer (0.1) | xml () | cgi-fcgi () | bcmath () | curl () | dom (20031129) | fileinfo (1.0.5-dev) | gd () | imagick (3.0.1) | imap () | json (1.2.1) | mbstring () | mcrypt () | memcache (2.2.6) | mssql () | mysql (1.0) | mysqli (0.1) | OAuth (1.2.2) | odbc (1.0) | PDO (1.0.4dev) | pdo_dblib (1.0.1) | pdo_mysql (1.0.2) | PDO_ODBC (1.0.1) | pdo_sqlite (1.0.1) | Phar (2.0.1) | posix () | pspell () | soap () | sysvmsg () | sysvsem () | sysvshm () | wddx () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.9.1) | mhash () | eAccelerator (0.9.6-svn358-dev) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: No |  PHP SU: Yes |   Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No [/size]
Citat: Folder Permissions ::[size=85]Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) :: None [/size]
Citat: Extensions Discovered ::[size=85]Components :: SITE :: com_mailto (2.5.0) | com_wrapper (2.5.0) | WF_VISUALCHARS_TITLE (2.0.21) | WF_CONTEXTMENU_TITLE (2.0.21) | WF_AUTOSAVE_TITLE (2.0.21) | WF_SPELLCHECKER_TITLE (2.0.21) | WF_LAYER_TITLE (2.0.21) | WF_NONBREAKING_TITLE (2.0.21) | WF_FULLSCREEN_TITLE (2.0.21) | WF_SOURCE_TITLE (2.0.21) | WF_CLEANUP_TITLE (2.0.21) | WF_TABLE_TITLE (2.0.21) | WF_INLINEPOPUPS_TITLE (2.0.21) | WF_PRINT_TITLE (2.0.21) | WF_TEXTCASE_TITLE (2.0.21) | WF_BROWSER_TITLE (2.0.21) | WF_MEDIA_TITLE (2.0.21) | WF_SEARCHREPLACE_TITLE (2.0.21) | WF_ARTICLE_TITLE (2.0.21) | WF_STYLE_TITLE (2.0.21) | WF_IMGMANAGER_TITLE (2.0.21) | WF_PREVIEW_TITLE (2.0.21) | WF_PASTE_TITLE (2.0.21) | WF_LINK_TITLE (2.0.21) | WF_MEDIAMANAGER_TITLE (2.0.6) | WF_XHTMLXTRAS_TITLE (2.0.21) | WF_DIRECTIONALITY_TITLE (2.0.21) | WF_LINKS_JOOMLALINKS_TITLE (2.0.21) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.0.21) | WF_FILESYSTEM_JOOMLA_TITLE (2.0.21) | WF_AGGREGATOR_VIMEO_TITLE (2.0.21) | WF_AGGREGATOR_YOUTUBE_TITLE (2.0.21) | WF_POPUPS_JCEMEDIABOX_TITLE (2.0.21) | WF_POPUPS_WINDOW_TITLE (2.0.21) |
Components :: ADMIN :: com_media (2.5.0) | XCloner-BackupandRestore (3.0.9) | com_weblinks (2.5.0) | com_admin (2.5.0) | JEvents (2.1.14) | com_newsfeeds (2.5.0) | com_cache (2.5.0) | com_login (2.5.0) | com_languages (2.5.0) | com_redirect (2.5.0) | com_installer (2.5.0) | JCE (2.0.21) | Editor - JCE (2.0.21) | Unknown (-) | com_content (2.5.0) | com_modules (2.5.0) | Proforms (Basic 1.2) | com_plugins (2.5.0) | com_users (2.5.0) | com_categories (2.5.0) | com_joomlaupdate (2.5.0) | com_finder (2.5.0) | com_checkin (2.5.0) | com_messages (2.5.0) | com_xmap (2.2.1) | com_banners (2.5.0) | com_config (2.5.0) | com_search (2.5.0) | com_templates (2.5.0) | com_cpanel (2.5.0) | com_menus (2.5.0) |

Modules :: SITE :: mod_whosonline (2.5.0) | mod_weblinks (2.5.0) | mod_search (2.5.0) | mod_footer (2.5.0) | JEvents Calendar (2.1.3) | mod_wrapper (2.5.0) | mod_finder (2.5.0) | mod_feed (2.5.0) | mod_languages (2.5.0) | mod_related_items (2.5.0) | mod_articles_category (2.5.0) | mod_custom (2.5.0) | mod_stats (2.5.0) | mod_users_latest (2.5.0) | mod_banners (2.5.0) | mod_random_image (2.5.0) | mod_articles_popular (2.5.0) | mod_breadcrumbs (2.5.0) | mod_articles_categories (2.5.0) | mod_syndicate (2.5.0) | mod_menu (2.5.0) | mod_cdlogin (2.5.x.2.0.4) | mod_login (2.5.0) | mod_weather_gk4 (GK4 1.5) | ARI YUI Menu (2.0.5) | mod_articles_latest (2.5.0) | mod_articles_news (2.5.0) | mod_articles_archive (2.5.0) |
Modules :: ADMIN :: mod_status (2.5.0) | mod_feed (2.5.0) | mod_custom (2.5.0) | mod_popular (2.5.0) | mod_quickicon (2.5.0) | mod_submenu (2.5.0) | mod_latest (2.5.0) | mod_version (2.5.0) | mod_menu (2.5.0) | mod_login (2.5.0) | mod_multilangstatus (2.5.0) | mod_title (2.5.0) | mod_toolbar (2.5.0) | mod_logged (2.5.0) |

Plugins :: SITE :: plg_finder_content (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_weblinks (2.5.0) | plg_finder_contacts (2.5.0) | plg_editors_codemirror (1.0) | plg_editors_tinymce (3.4.9) | Editor - JCE (2.0.21) | plg_content_finder (2.5.0) | plg_content_josdewplayer (2.0) | plg_content_emailcloak (2.5.0) | plg_content_geshi (2.5.0) | plg_content_joomla (2.5.0) | plg_content_loadmodule (2.5.0) | plg_content_pagebreak (2.5.0) | plg_content_vote (2.5.0) | plg_content_pagenavigation (2.5.0) | plg_extension_joomla (2.5.0) | plg_user_profile (2.5.0) | plg_user_joomla (2.5.0) | plg_user_contactcreator (2.5.0) | plg_quickicon_extensionupdate (2.5.0) | plg_quickicon_joomlaupdate (2.5.0) | plg_system_highlight (2.5.0) | plg_system_cache (2.5.0) | plg_system_cdscriptegrator (2.5.x.2.1.8) | PLG_SYSTEM_NNFRAMEWORK (12.3.1) | System - SEOSimple (2.1) | plg_system_redirect (2.5.0) | plg_system_languagefilter (2.5.0) | plg_system_logout (2.5.0) | plg_system_languagecode (2.5.0) | plg_system_debug (2.5.0) | plg_system_p3p (2.5.0) | Security - jHackGuard (1.2.2) | plg_system_remember (2.5.0) | PLG_SYSTEM_MODALIZER (2.6.4) | plg_system_log (2.5.0) | plg_system_sef (2.5.0) | plg_captcha_recaptcha (2.5.0) | plg_search_content (2.5.0) | plg_search_categories (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_contacts (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_gmail (2.5.0) | plg_authentication_joomla (2.5.0) | Xmap - WebLinks Plugin (2.0) | Xmap - Virtuemart Plugin (2.0.0) | Xmap - Mosets Tree Plugin (2.0.2) | Xmap - Kunena Plugin (2.0.2) | Xmap - Content Plugin (2.0.3) | Xmap - SobiPro Plugin (2.0.1) | plg_editors-xtd_readmore (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) | [/size]
Citat: Templates Discovered ::[size=85]Templates :: SITE :: ALLROUNDER-j1.6 (1.2) | beez5 (2.5.0) | beez_20 (2.5.0) | bizjak (1.3) | atomic (2.5.0) |
Templates :: ADMIN :: bluestork (2.5.0) | hathor (2.5.0) | [/size]