-! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -! | Forum

MemHT Portal is a Free PHP CMS and Blog

It permit the creation and the management online of websites with few and easy steps.
It's completelly customizable, expandable and suitable for all needs.

Download MemHT Portal

Home > Forum > MemHT Portal > Security, Bugs and Fixes > -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

Forum

Home > MemHT Portal > Security, Bugs and Fixes > -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

Moderators: Moderators

-! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

Author

Text

mcmxtr
Just arrived

Posts: 2
Contributes: 2

Gender: _NEUTRAL_

Online: No

Date: 07/09/2008 10:31 -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11618
how Fix it? Edited: 07/09/2008 13:40 Reason: (Edited by mem)

xgstq
Donator

Posts: 131
Contributes: 110

Gender: _MALE_

Online: No

Date: 07/09/2008 13:37 Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11621
doesn't look healthy...

hyperlink
Junior Member

Posts: 92
Contributes: 3

Gender: _MALE_

Online: No

Date: 07/09/2008 13:38 Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11623
i guest you can disable uploads/media till memht come

mem
MemHT's Dad
Admin & Developer

Posts: 5137
Contributes: 2480

Gender: _MALE_

Online: No

Date: 07/09/2008 13:48
Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

#post11625

How to fix:

Open inc/inc_statistics.php

Find

code

$visitorInfo['resolution'] = $_COOKIE['stats_res'];

row 123

Replace with

code

$visitorInfo['resolution'] = preg_replace('`[^0-9x]`is','',$_COOKIE['stats_res']);

It's time to change
MemHT Portal 5 suggestions summary

mem
MemHT's Dad
Admin & Developer

Posts: 5137
Contributes: 2480

Gender: _MALE_

Online: No

Date: 07/09/2008 13:54 Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11626
Thanks mcmxtr It's time to change MemHT Portal 5 suggestions summary

xgstq
Donator

Posts: 131
Contributes: 110

Gender: _MALE_

Online: No

Date: 07/09/2008 14:08 Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11629
Quick fix, thanks mem

mcmxtr
Just arrived

Posts: 2
Contributes: 2

Gender: _NEUTRAL_

Online: No

Date: 07/09/2008 23:39 Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!	#post11661
thans mem. i love it =)

Beatle
Junior Member

Posts: 20
Contributes: 20

Gender: _MALE_

Online: No

Date: 09/09/2008 00:46
Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

#post11741

Thanks! A friend of mine just sent me a link to milw0rm where it shows the exploit, I immediately came here to get a fix for it or to let you know about it! Glad you already had it covered!

Thanks, great script!

Free Cpanel Web Hosting █ Free Domain Appraisals
Free Image Hosting █ Free Blog Hosting
Learn Some Stupid Facts █ Free Web Videos █ Domains For Sale
Free Link Directory █ Domains Up For Auction

freaky
Crazy Member

Posts: 635
Contributes: 487

Gender: _MALE_

Online: No

Date: 09/09/2008 10:50
Re: -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

#post11753

quote

Beatle:
Thanks! A friend of mine just sent me a link to milw0rm where it shows the exploit, I immediately came here to get a fix for it or to let you know about it! Glad you already had it covered!

Thanks, great script!

haha I just came back from vacation and rushed on my computer at work to post this exploit.
Found it and milw0rm too Smile

!!
glade it was posted before me Smile

Peace Freaky

"Don't Talk about It, Be about it! PEACE" - Mos Def

vote -- here

Image resized (Original file: 468x60)

Home > MemHT Portal > Security, Bugs and Fixes > -! ???? MemHT Portal <= 3.9.0 Remote Create Shell Exploit -!

Tags Cloud

svn forum instalattion web wysiwyg admin tags blocks armatechsquad payment blog www.qpc.ro newsletters php-nuke Support Advertisement cant Ajaxs Search mod joomla register one balnk Latest downloads of a category 10 3.7.0 Update to 4.0.1 release installation slovak fix convert shop adsense browse mylinks tag calendar phpnuke ijoo post integration banned user smf problems install addons Edit button in News Posts 4.0.0 blank Hardware translate surveys development Send News message functions Drag community admin login problem Restrict profile visit get page language block customizzare meta tags error photo sfondo Param users templates addon hello dreamweaver Database chat italiano windows live writer MemHT Donations Tracking Block panel wizzywig update Native tongue election add page Polska Games slovak support banner cms wysywyg delete fusion installation problem particular user banned Navigator documents topic

Advertising

News Archive

Language

Help MemHT Portal

Navigator

Users Block

Hi Guest

IP: 38.103.63.59

New files

MemHT Wiki

How to install new Templates

Built-in Addons

Folder permissions

Virtual Addons

Default template style

How to install new Blocks

How to create static html pages

License

How to install new Addons

Friends

"I just downloaded and started testing MemHT, but so far I am impressed. It has a nice and clean look to it and it runs very well. I found it very easy to setup and use to this point. It was also very easy to setup a new template for"

jhalls

Disclaimer and Privacy Policy
Newsletter
Contact

Last news

Sitemap