Bugtraq mailing list archives
Re: e107 latest download link is backdoored
From: "Carsten Eilers" <ceilers-lists () gmx de>
Date: Tue, 26 Jan 2010 12:17:57 +0100
Hi, Bogdan Calin schrieb am Mon, 25 Jan 2010 12:58:50 +0200:
The latest version of e107, version 0.7.17 contains a PHP backdoor. http://e107.org/e107_files/downloads/e107_v0.7.17_full.zip
The start page of e107.org, <http://e107.org/news.php>, contains suspect, probable malicious JavaScript-Code at the top,followed by many links in the format <a href='/wiki/docs/html/.store/[Spamtext]-[Number].php'>medical spam</a>, before the DOCTYPE-Declaration. Regards Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de>
Current thread:
- e107 latest download link is backdoored Bogdan Calin (Jan 25)
- Re: e107 latest download link is backdoored Chris Travers (Jan 25)
- Re: e107 latest download link is backdoored Valery Marchuk (Jan 25)
- Re: e107 latest download link is backdoored Carsten Eilers (Jan 26)
- Re: [Full-disclosure] e107 latest download link is backdoored David Sopas (Jan 26)
- Re: [Full-disclosure] e107 latest download link is backdoored Gregor Schneider (Jan 26)
- Re: [Full-disclosure] e107 latest download link is backdoored Fernando Augusto (Jan 26)
- Re: [Full-disclosure] e107 latest download link is backdoored Gregor Schneider (Jan 27)
- <Possible follow-ups>
- Re: Re: e107 latest download link is backdoored track (Jan 26)