1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. To combat forum spam, we are temporarily disabling the ability to create new accounts for the forums. Please feel free to open a support ticket through out client area with any support issues. You can also search the forums for answers to many questions.

Header Exploit?

Discussion in 'General Support' started by soaringpine, Apr 2, 2012.

Thread Status:
Not open for further replies.
  1. soaringpine

    soaringpine New Member

    Hi guys, my calendar quit working out of the blue all of a sudden and I am still trying to determine why. I assumed my provider upgraded php version automatically but that wasn't the case. So I reinstalled some of the files thinking that might do the trick. Contacted my provider after they blocked my IP address because they said the calendar/events/editors/tinymce/header.php file contains an exploit.

    My site will not work at all - I am receiving the following message:

    Fatal error: Incompatible file format: The encoded file has format major ID 2, whereas the Loader expects 4 in /home2/pack414/public_html/calendar/functions/functions.inc.php on line 0

    Cannot access the admin panel for the calendar either - ssI receive the same message.

    Any help is much appreciated. This is a Cub Scout site and I need to get it back up and running ASAP. THANKS!
  2. ve9gra

    ve9gra Support Team

    Download the Tester script and check which version it tells you you need. Download the .zip version and then follow the upgrade documentation to replace the system files only.

  3. ve9gra

    ve9gra Support Team

    Oh, and before you blow away the old files, I would suggest that you open a support ticket and upload the file that your host told you had an exploit. Brian will be able to confirm if it had been tampered.
  4. Brian

    Brian EPC Developer Staff Member

    And that file is part of TinyMCE and not part of the calendar. Make sure you are using the latest release of TinyMCE.
  5. ve9gra

    ve9gra Support Team

    Err... Brian, this file is part of the EPC package... no?

  6. Brian

    Brian EPC Developer Staff Member

    You're absolutely correct. I misread the path.

    That file is in plain-text and there is no code that can execute anything else. It's possible that on outside script or user modified that file and included malicious code in it. You may want to see if your host can tell when and who/how that file was modified.
  7. soaringpine

    soaringpine New Member

    I downloaded the latest version and updated the appropriate files and the server still does not like it (exploit showing up). Before I did that I ran the /tester directory and everything checked out fine.
  8. Brian

    Brian EPC Developer Staff Member

    You're going to need to send me that file and/or give me more specific details about it because I have no idea what you mean by exploit.

    I assure you that it is not distributed with the calendar.
Thread Status:
Not open for further replies.

Share This Page