Hello,
I've received yesterday the mail announcing that Piwigo 14.3.0 is available (Thanks for that and all work on this project).
But the URL is not linked to my own Piwigo (the correct URL should be https://photo.bouvet.ch)
-----
Galerie de photos de Laurence et Laurent
Piwigo 14.3.0 est disponible, merci de mettre à jour
Bonjour,
Il est temps de mettre à jour votre Piwigo avec la version 14.3.0, allez sur https://webcaclub.gq/admin.php?page=updates
Cela se fait en quelques clics
Maintenir Piwigo à jour est important pour la sécurité.
Envoyé par Galerie de photos de Laurence et Laurent - Propulsé par Piwigo - Contacter Webmestre
-----
I've searched in the config and different tables to find the cause (db injection?), but without success.
Where this URL is stored or generated?
Is this a sign of compromise?
Thank you for your help.
kind regards,
Laurent
-----
Environnement
Piwigo 14.1.0
Installé le 7 Janvier 2024, il y a 1 mois 3 semaines 5 jours
Système d'exploitation: FreeBSD
PHP: 8.1.27 (Montrer les informations) [2024-03-03 10:11:47]
MySQL: 8.0.35 [2024-03-03 11:11:47]
Bibliothèque graphique: External ImageMagick 7.1.0-62
Taille du cache 543.23 Mo calculé il y a 1 mois Rafraîchir
Liste des plugins activés11
Admin Tools
Community
Download Permissions
Force HTTPS
Fotorama
LocalFiles Editor
OpenStreetMap
Security Headers
ShareAlbum
Take A Tour of Your Piwigo
VideoJS
Piwigo URL: https://photo.bouvet.ch
Offline
Offline
Hi,
Check Files Integrity
Piwigo 14.3.0, 644 files scanned in 0.735 seconds
Well done! Everything seems good :-)
Last edited by 1aurent (2024-03-03 11:56:01)
Offline
Hi :-)
in your local config ?
Offline
<?php
/* Dans cette fenêtre, écrivez les informations pour configurer votre galerie Piwigo. */
$conf['graphics_library'] = 'ext_imagick';
$conf['ext_imagick_dir'] = '/usr/local/bin/';
?>
Offline
After checking the mail log, I confirm the mail comes from my Piwigo instance:
Mar 2 17:17:25 photo dma[2fc10][59450]: new mail from user=www uid=80 envelope_from=<XXX@bouvet.ch>
Mar 2 17:17:25 photo dma[2fc10][59450]: mail to=<XXX@bouvet.ch> queued as 2fc10.1c70fba48000
Mar 2 17:17:25 photo dma[2fc10.1c70fba48000][60033]: <XXX@bouvet.ch> trying delivery
Mar 2 17:17:25 photo dma[2fc10.1c70fba48000][60033]: trying remote delivery to mxXXX.bouvet.ch [10.0.1.61] pref 10
Mar 2 17:17:25 photo dma[2fc10.1c70fba48000][60033]: <XXX@bouvet.ch> delivery successful
Offline
Well, only you can tell.. search your entire system, all files and databases, for webcaclub. If it's not on the sending site then maybe injected/replaced on the receiving side or interim delivery systems.
The log excerpt doesn't tell anything but a mail was sent, not which content.
Offline