timthumb 2.8.10 exploit

LeBrIt says

Our server was exploited again… even though the latest version of timthumb 2.8.10 was on and the exploit checker plugin showed no problems/threats, the site was compromised and the server had to be nulled in order to stop the attacks.

It's either that 2.8.10 has the same exploit, or changing from old versions doesn't help much since it infects other files. We can't find at the moment where the exploit is still hiding… we cleared all possible places where it could be but no luck. If anyone has had the same problem, some advice would be much appreciated… if we find it we will let you know. At the moment the only solution was to suspend the hosting account for that site completely.

Parallelus says

It is much more likely that you have files or changes remaining from the old intrusion. The latest version of TimThumb is secure. You may also want to update all of your passwords to be sure they have not been compromised.
