VaultPress Security Issue

  • Resolved Dr Cherif

    (@idrumit)


    7 years, 1 month ago

    Hi there, I have received this message from VaultPress:

    Generic.Eval.1

    This code pattern is often used to execute unauthorized programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

    admin_updates.php

    /plugins/js-jobs/modules/jsjobs/tmpl

    PHP.Shell.Embedded.2

    VaultPress has detected a web-based “shell” a very dangerous backdoor which may allow unauthorized access to your server. A shell may be used to infect your server with a virus, or add malware to your site.

    finalstep.php

    /plugins/js-jobs/modules/installer/tmpl

    sampledata.php

    /plugins/js-jobs/modules/installer/tmpl

    admin_stepone.php

    /plugins/js-jobs/modules/jsjobs/tmpl

    admin_stepthree.php

    /plugins/js-jobs/modules/jsjobs/tmpl

    admin_steptwo.php

    /plugins/js-jobs/modules/jsjobs/tmpl

    Why do i have this issue? How to fix it?

    BR
    Cherif

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author JoomSky

    (@rabilal)

    Hi,

    Thanks files are used to update the plugin.

    Regards,

    Thread Starter Dr Cherif

    (@idrumit)

    Hi There,

    I don’t really understand your reply. There is two issues:

    Generic.Eval.1: that is often used to execute unauthorized programs on server.

    PHP.Shell.Embedded.2: a web-based “shell” a very dangerous backdoor which may be used to infect the server with a virus, or add malware to your site.

    Action: The code in these files needs to be reviewed, and possibly cleaned.

    Will you do it? How can I correct it as requested?

    BR
    Cherif

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘VaultPress Security Issue’ is closed to new replies.