Malware false positive

  • Resolved Marco Chiesi

    (@marcochiesi)


    8 years ago

    Hi there,
    my exploit scanner tool detected a possible exploit in file
    products/photocrati_nextgen/modules/attach_to_post/package.module.attach_to_post.php
    In particular it detected a Regular expression match on [eval\(\$_REQUEST\[]
    I’ve checked that file and I’ve noticed it’s clearly a false positive, because there’s not an eval, but a doubleval($_REQUEST['ref']), which is harmless even if it is matched by the above regex.
    Since not so many people have the skills to tell that it’s a false positive, I would recommend you to change your code, i.e. using floatval instead of doubleval.
    All the best.

Viewing 1 replies (of 1 total)
  • Plugin Contributor photocrati

    (@photocrati)

    @marcochiesi – Thanks for the feedback on this. We’ll definitely take a look at implementing your idea.

    – Cais.

Viewing 1 replies (of 1 total)
  • The topic ‘Malware false positive’ is closed to new replies.