Security Problem? Gallery 1.5.10

mvsr

Joined: 2009-03-09
Posts: 1
Posted: Mon, 2009-03-09 06:55

Gallery URL (optional but very useful): http://monkeysvsrobots.com/gallery
Gallery version: 1.5.10
Apache version: 1.3.41
PHP version (don't just say PHP 4, please): 4.4.9
Operating system: Linux
Web browser/version (if applicable): Firefox 3.0.7 (Mac), WebKit (latest nightly), Opera 9.64 (Mac)

I was doing some maintenance cleaning up of spam comments on my site and noticed there are some strange search results coming from Google when I do a search on my site's domain name. I'm not sure where these links are coming from, but they all point to stuff in the Gallery folder. However, when you click the links, it goes to various (non-Google) search pages with results.

Here's a search term you can use to see what I'm talking about. Do a Google search for:

site:monkeysvsrobots.com serials

( http://www.google.com/search?hl=en&q=site%3Amonkeysvsrobots.com+serial )

It will bring up a list of links that are for pirated software, spam, porn and all sorts of nasty things I really don't want to be associated with (if you do the search you'll understand why).

Notice that the Gallery directory is the only location where all these links seem to show up. I have a ton of other directories on that server, so it seems odd for it to only be there. I inspected the directories quite thoroughly on the server and these files don't exist, yet the links work. So where did it come from? Is it being spoofed somehow or is there a security problem in Gallery? Ideas?

 
Tim_j

Joined: 2002-08-15
Posts: 6818
Posted: Mon, 2009-03-09 20:45

Gallery 1.5.10 has no known security issues.

But the albums folder is often writeable for everybody who has access to your webspace.
This can be a problem on shared hosts.

Someone could have hacked a different account on the server, but is abusing your webspace.

I would contact your hoster.

Jens
--
Gallery Developer
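
A check for the condition described in the reply above, as an added example that is not part of the original thread or of Gallery's own code: it walks an albums directory and reports entries that are world-writable or owned by a different account than the directory itself. The `albums` tree built in `demo()` is constructed sample data; point `audit_tree()` at the real albums path on the host.

```python
import os
import stat
import tempfile


def audit_tree(root, expected_uid=None):
    """Return (path, reason) findings for root and everything below it.

    Flags entries writable by any account on the host and entries whose
    owner differs from expected_uid (default: the owner of root).
    """
    if expected_uid is None:
        expected_uid = os.lstat(root).st_uid
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    findings = []
    for path in paths:
        st = os.lstat(path)  # lstat: inspect the entry, not a link target
        if st.st_uid != expected_uid:
            findings.append((path, "foreign-owner"))
        if stat.S_ISLNK(st.st_mode):
            continue  # symlink mode bits are not meaningful on Linux
        if st.st_mode & stat.S_IWOTH:
            findings.append((path, "world-writable"))
    return findings


def demo():
    """Build a constructed albums tree and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        albums = os.path.join(tmp, "albums")
        album = os.path.join(albums, "album01")
        os.makedirs(album)
        photo = os.path.join(album, "photo.jpg")
        with open(photo, "wb") as fh:
            fh.write(b"constructed sample")
        os.chmod(photo, 0o644)
        os.chmod(album, 0o755)
        os.chmod(albums, 0o777)  # the risky shared-host setting
        return [(os.path.relpath(p, tmp), r) for p, r in audit_tree(albums)]


if __name__ == "__main__":
    for path, reason in demo():
        print(reason, path)
```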