You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi
A collegue discovered two manipulatetd gif files in his (Joomla-) template image folder, that starts straight with <?php
instead of the used jamss-pattern GIF89a.*[\r\n]*.*<\?php
followed by plain php-code (no eval/gzip/base64_encode.....)
As the patterns are file-extension indepent, and this is the future format of manipulatet gif's, that could be faced by adding a additional 'include/exclude file-extension' entry/entries in the patterns arrays, that can be used as an additional condition in the scan_file() function.
The text was updated successfully, but these errors were encountered:
Hi
A collegue discovered two manipulatetd gif files in his (Joomla-) template image folder, that starts straight with
<?phpinstead of the used jamss-pattern
GIF89a.*[\r\n]*.*<\?phpfollowed by plain php-code (no eval/gzip/base64_encode.....)
As the patterns are file-extension indepent, and this is the future format of manipulatet gif's, that could be faced by adding a additional 'include/exclude file-extension' entry/entries in the patterns arrays, that can be used as an additional condition in the scan_file() function.
The text was updated successfully, but these errors were encountered: