Security Problem found?

Found a bug? Tell us!!
Post Reply
Posts: 61
Joined: Sun Oct 14, 2007 8:52 pm

Security Problem found?

Post by amarradi » Mon Feb 28, 2011 9:45 pm

Hello together, :!: :!:

my Webhoster locked my Account, because the Account contains phishing code. Thanks a lot at

In the following directories did i found some php code which redirect the user to an phishing-Page


The log-file are full of .loy.php-entries. Is there an known issue about this?
Can everyone help me?

User avatar
Posts: 4598
Joined: Sun May 02, 2004 3:04 pm

Re: Security Problem found?

Post by Timbalu » Tue Mar 01, 2011 8:59 am

Yes, it is strongly recommended to upgrade to latest Serendipity release version, since there were third party security issues. Please read the Announcement section of this forum under ... eased.html and following links and notes carefully ...

There were also several notes on how and where to check if there are any other hacked files in other threads. Have a forum search look by your own with searchtopics upgrade / htmlarea.

There might also be a need to abo ... ements.rss to keep in touch with unwanted but always posssible future vulnerables more quickly.

About these two files. Delete them before upgrading and check if there are some more.

Good luck.

Serendipity Styx Edition and additional_plugins @ @

User avatar
Core Developer
Posts: 30020
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Re: Security Problem found?

Post by garvinhicking » Tue Mar 01, 2011 2:26 pm


Also check what the /atoms/ directory contains? This is not a directory that usually comes with serendpity...

# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy:
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby:

Post Reply