Possible hack attempt

  • Resolved Alex Spataru

    (@alexandrubr)


    3 years, 4 months ago

    Hi,

    I discovered a few lines of logs which seem interesting:

    PHP Warning: is_file(): open_basedir restriction in effect. File(/home/clients/xyz/prod/xyz//search/../../../../../etc/passwd/) is not within the allowed path(s): (/home/clients/xyz/prod/xyz:/tmp:/usr/share/php:/usr/share/pear:/home/clients/muwps:/dev/urandom) in /home/clients/xyz/prod/xyz/wp-content/plugins/translatepress-multilingual/includes/class-url-converter.php on line 479

    I’m wondering if TRP_Url_Converter->url_is_file() should not check only files inside the WordPress install.

    I don’t know what link had been accessed in order to get that PHP Warning pop up inside the debug.log, it is not my website.

    Cheers,
    Alex Spataru

Viewing 1 replies (of 1 total)
  • Dragos

    (@dragosvrejiu)

    Salutare Alex,

    Iti multumim pentru interesul acordat plugin-ului nostru!

    Am raportat problema echipei de dezvoltare. O sa implementam schimbari referitoare la functie si vei fi anuntat cand se intampla asta.

    Toate cele bune,

Viewing 1 replies (of 1 total)
  • The topic ‘Possible hack attempt’ is closed to new replies.