Hi, I have the lastest version of JCE and the lastest versions of the plugins installed in a 1.5.27 site. And every time I caught someone trying to invade the site using a URL attack. DonĀ“t know if it is a SQL Injection, but the fact is: they can always inject a malicious file in the site. The url is:
So, I ask to you to verify the Image Manager plugin to test this possibility and correct if found any holes. I will upgrade this site to Joomla 3 very soon, but meanwhile, others may suffering the same attack.
Thanks.
/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20bThe site have the correct permissions (755 to folders and 644 to files), I have RSFirewall installed and other measures like configuration file in another folder, strong passwords and users, url to admin panel changed...
So, I ask to you to verify the Image Manager plugin to test this possibility and correct if found any holes. I will upgrade this site to Joomla 3 very soon, but meanwhile, others may suffering the same attack.
Thanks.
It seems that module parameters haven't been configured properly. Please make sure that you are using a valid twitter username, and
that you have inserted the correct keys. Detailed instructions are written in the module settings page.