DwZone Forum Welcome to the DwZone-it Forum     FAQ   Search   Memberlist   Usergroups       Register -->   Login   Asp Upload and Resize   DwZone Forum Index -> Asp Upload and Resize Moderators: Administrators, Moderators  Mark all topics read Hint: For improved responsiveness, use Internet Explorer 4 (or above) with Javascript enabled, choose 'Dynamic' from the View dropdown and hit 'Set Options' to save your changes. Search for  View  Normal Expanded Dynamic Dynamic Memory Threaded Threaded Expanded Threaded Dynamic    Per page  102550    Messages Since  Last Visit Last Day Last Week Last Month Last 6 Months Last Year All Messages 771 to 780 of 860 (Total: 366) First |  Prev |  Next |  Last    Subject Author Date      Re:Aspect ratio question    [email protected]   19:09 18 Mar 2006      Re:Aspect ratio question    gianluigi   20:08 18 Mar 2006      Delete existing file    [email protected]   15:02 15 Mar 2006      Re:Delete existing file    gianluigi   19:15 15 Mar 2006      Re:Delete existing file    [email protected]   19:29 15 Mar 2006      Re:Delete existing file    gianluigi   19:43 15 Mar 2006      Re:Delete existing file    [email protected]   11:18 16 Mar 2006      Re:Delete existing file    gianluigi   6:51 17 Sep 2006       Security risk perhaps!    [email protected]   11:17 10 Mar 2006     I've recently had my server account hacked by someone uploading an asp script and executing it via the web. It deleted loads of files. I've no explanation as to how the person got the file onto my server in the first place. All my upload pages are behind a log in, and the logs show the person didn't log in to do this. All my upload pages also denied files such as asp aspx exe so they didn't use my upload pages to get the file on the server. The only explanation I can come up with is somehow someone submitted a file upload form from their computer directly to the UploadFiles scripts. Therefore is this possible? If so, I need to modify the script to only allow it to be run by users who have been authenticated by my site using a session value. Could you tell me which file in UploadFiles that I need to protect so that it cannot be used to uploadfiles by unauthorised users. [:(]          Re:Security risk perhaps!    gianluigi   19:57 10 Mar 2006   Last Visit: Friday 15 Nov, 2024 4:25 pm First |  Prev |  Next |  Last    Login Username:  Password:   Log me on automatically each visit:   Read Message   Unread message Read message [popular]   Unread message [popular] Read message [locked]   Unread message [locked] All times are GMT-1 Jump to:  Select a forum    Php Extensions --------------------  » Advanced Form Controls  » Advanced Image Gallery  » Advanced Mail  » Advanced Search  » Ajax DataGrid  » Ajax loader  » Boolean Update  » Dynamic Captcha Image  » Dynamic Chart  » Dynamic Image  » Form Validator  » Google Maps  » HTML to PDF  » Import/Export Tools  » Multi Column Combo  » Multiple file upload  » Multiple Record  » Other extensions  » PayPal IPN  » Query Manager and Recordset Wizard  » Recordset Paging  » Server Side Validation  » Shopping Cart  » Site Search Engine  » TreeView  » Two tables manager  » Upload and resize  » WYSIWYG Html Editor  Asp Extensions --------------------  » Advanced Form Controls  » Advanced Image Gallery  » Advanced Search  » Advanced Mail  » Ajax DataGrid  » Ajax loader  » Asp TreeView  » Asp Upload and Resize  » Boolean Update  » Dynamic Captcha Image  » Dynamic Chart  » Dynamic Image  » Form Validator  » Google Maps  » HTML to PDF  » Import/Export Tools  » Multi Column Combo  » Multiple file upload  » Multiple Record  » Other extensions  » PayPal IPN  » Query Manager and Recordset Wizard  » Recordset Paging  » Routing Map24  » Server Side Validation  » Shopping Cart  » Site Search Engine  » Two tables manager  » WYSIWYG Html Editor