RensTillmann / super-forms


Security vulnerability #39

Closed Larotu closed 3 years ago

Larotu commented 3 years ago

iThemes Security found one issue scanning websites: Super Forms <= Unauthenticated PHP4 File Upload to RCE. Is this a known vulnerability?

RensTillmann commented 3 years ago

Hi, we just released a patch for this, thanks for the short notice!

Larotu commented 3 years ago

Hi Rens,

How can I remove the file?

Kind regards,

Lara Tuk Larotu Designs

+31 647 784 560

On 29 Jan 2021 at 17:28, Rens Tillmann notifications@github.com wrote:

 Hi, we just released a patch for this, thanks for the short notice!


Larotu commented 3 years ago

Sorry, my mail wasn’t complete. I get this notice in iThemes Security: The scheduled site scan found 1 issue:

Super Forms <= 4.9.602 - Unauthenticated PHP4 File Upload to RCE

You provided a patch today, but the scan still shows a problem. How can I solve this?

Kind regards,

Lara Tuk Larotu Designs

+31 647 784 560

On 29 Jan 2021 at 22:31, Larotu Designs info@larotu.nl wrote:

Hi Rens,

How can I remove the file?


RensTillmann commented 3 years ago

Hi, there is no file to be removed; this was just a possible exploit. This has been patched in v4.9.702, so you should just update to that version and you should be good to go. Envato is reviewing this patch right now, but it should be solved. You might still get a warning about it until this is set as resolved in the exploit database.