Author Topic: Ktools Vulnerability - Did you get hacked (Read 4826 times)

leaf · « **on:** December 04, 2013, 15:59 »

I just got a note from my web host that my ktools site got hacked.. looks like I have my evening project in place

I logged onto their site and saw there was a vulnerability discovered. Anything less than version 4.5 is vulnerable... which means everyone since 4.5 was released today.

Quote

PhotoStore 4.x Security Vulnerability Discovered
A vulnerability has been found in a 3rd party script called Uploadify we use in PhotoStore. Any versions lower than 4.5 are vulnerable. To protect your site please delete the /assets/uploadify/old/ directory and files within.

lisafx · « **Reply #1 on:** December 04, 2013, 18:54 »

Oh joy. I haven't heard anything from Bluehost.

Of course I can't find the assets file in my file manager.

cthoman · « **Reply #2 on:** December 04, 2013, 19:38 »

Quote from: lisafx on December 04, 2013, 18:54

Oh joy. I haven't heard anything from Bluehost.

Of course I can't find the assets file in my file manager.

I think it is just for 4 and not 3. I didn't see those folders either.

leaf · « **Reply #3 on:** December 05, 2013, 04:15 »

Quote from: cthoman on December 04, 2013, 19:38

Quote from: lisafx on December 04, 2013, 18:54
Oh joy. I haven't heard anything from Bluehost.

Of course I can't find the assets file in my file manager.

I think it is just for 4 and not 3. I didn't see those folders either.

Yeah, probably just for 4. I had the folder which needed deleting. Since my site got hacked and the paypal ipn wasn't working I decided to do an upgrade. I 'think' i have most things working again.. sigh.. They really really need a better template system so we don't have to reapply our changes on every update.

lisafx · « **Reply #4 on:** December 05, 2013, 10:41 »

Quote from: cthoman on December 04, 2013, 19:38

Quote from: lisafx on December 04, 2013, 18:54
Oh joy. I haven't heard anything from Bluehost.

Of course I can't find the assets file in my file manager.

I think it is just for 4 and not 3. I didn't see those folders either.

Good to know. Thanks for posting Cory.

I am not confident tinkering around in the back end of my website, so I wondered if maybe I was just overlooking something.

alezan · « **Reply #5 on:** December 06, 2013, 15:07 »

What a piece of junk! Hope you get back on track and consider a change of software!!

ArenaCreative · « **Reply #6 on:** February 06, 2014, 01:07 »

Yeah, I edited and hacked up the code in my older version of ktools that I don't even want to think about upgrading.

Symbiostock looks nice, and runs on wordpress, but it still looks no frills compared to what you get with ktools. I'm sure it doesn't run as fast, either. Who knows/cares. Selling direct is not something I would ever do over again. Too much time/pain in the rear to deal with for such a small return, unless you happen to be some sort of special SEO wizard or have bottomless pockets for google adsense to drive traffic.

MicrostockGroup Sponsors

Author Topic: Ktools Vulnerability - Did you get hacked (Read 4826 times)

leaf

lisafx

cthoman

leaf

lisafx

alezan

ArenaCreative

Related Topics

Sponsors

Microstock Poll Results

Sponsors