PHP Exploit Warning

[superflausch]

Our hosting provider scans their servers for known exploits from time to time. warned us about a know exploit and blocked access to the following file within color-thief-php:

src/ColorThief/Image/Adapter/AbstractAdapter.php

The reason given is

# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2128]]

Did anyone else noticed this as well? Anything we can do? Or can this be updated/fixed in the lib?

Cheers.

[ksubileau]

A bit difficult to analyze with so few details, but have you checked the integrity of all the library code files? Do you have a way to contact your hosting provider to get more details ?

[NOSSKosh]

Hi @ksubileau

I have received the exact same message from my hosting provider this weekend. No further details provided. Any news on this?

[jschlier]

I can imagine this being caused by calling file_get_contents on a "user-input" URL.