0vote

What is this Error About

Warning

There are one or more files in your public upload directories that are not in your allowed upload filetypes list. These may have been placed here by an attacker and if so should be removed immediately. You should not open these files as this may execute any malicious code the file might contain; e.g. do not open them with your browser.

If you recognise these files as being legitimate, it is likely that the filetype is no longer in the allowed filetypes list for some reason, and you will need to re-add it (see admin => uploads). You should not allow the upload of .html, .txt, etc as an attacker may upload a file of this type which includes malicious javascript. You should also, of course, not allow the upload of .php files or any other type of executable script.

Below is the list of files that could potentially be malicious:

  • e107_system/9803f0adb3/temp//admin_add_category.php
  • e107_system/9803f0adb3/temp//admin_add-album.php
  • e107_system/9803f0adb3/temp//admin_add-image.php
  • e107_system/9803f0adb3/temp//admin_album-detail.php
  • e107_system/9803f0adb3/temp//admin_comment_editor.php
  • e107_system/9803f0adb3/temp//admin_config.php
  • e107_system/9803f0adb3/temp//admin_image-detail.php
  • e107_system/9803f0adb3/temp//admin_list-album.php
  • e107_system/9803f0adb3/temp//admin_list-image.php
  • e107_system/9803f0adb3/temp//admin_modify-album.php
  • e107_system/9803f0adb3/temp//admin_modify-image.php
  • e107_system/9803f0adb3/temp//admin_prefs.php
  • e107_system/9803f0adb3/temp//admin_readme.php
  • e107_system/9803f0adb3/temp//advanced_search.php
  • e107_system/9803f0adb3/temp//ChangeLog.txt
  • e107_system/9803f0adb3/temp//class_add-album.php
  • e107_system/9803f0adb3/temp//class_add-image.php
  • e107_system/9803f0adb3/temp//class_modify-album.php
  • e107_system/9803f0adb3/temp//class_modify-image.php
  • e107_system/9803f0adb3/temp//e_search.php
  • e107_system/9803f0adb3/temp//functions.php
  • e107_system/9803f0adb3/temp//image_gallery.php
  • e107_system/9803f0adb3/temp//image_gallery_menu.php
  • e107_system/9803f0adb3/temp//image_gallery_random_menu.php
  • e107_system/9803f0adb3/temp//image_gallery_recent_menu.php
  • e107_system/9803f0adb3/temp//image-detail.php
  • e107_system/9803f0adb3/temp//list-album.php
  • e107_system/9803f0adb3/temp//list-image.php
  • e107_system/9803f0adb3/temp//myfuncs.php
  • e107_system/9803f0adb3/temp//plugin.php
  • e107_system/9803f0adb3/temp//rated.php
  • e107_system/9803f0adb3/temp//search.php
  • e107_system/9803f0adb3/temp//style.css
  • e107_system/9803f0adb3/temp//viewImage.php
  • e107_system/9803f0adb3/temp//mysql tables.txt
  • e107_system/9803f0adb3/temp//Readme.txt
e107 version 2.1.5

tgtje commented Apr 7

Although topic is closed : part of image_gallery. Those belong to that plugin. Likely (not tested) due to age of plugin and its coding (older + version?? ) (php ext. not allowed in path as a hacker could upload a executable file to harm)

it triggers the system > (all such is usefull info !! overall when system runs; just to take notice what happens..  So in short : system works as intended (to warn and advice), but plugin needs to be 'overhauld'.

1 Answer

0vote

Moc Points2177
Tgtje's answer is correct. Let me provide some further information:

- You probably tried to install a plugin through your admin area ('Find plugins' section). This automatically downloads the plugin from e107.org and installs it onto your website.

- The plugin you downloaded is probably outdated and depending on its coding and your server settings, the copying of all the files to the right plugin folder may have been hindered. Simply said, there are some leftover files from the plugin download still located in your temporary folder.

- As a security measure, e107 checks which files are present. Sometimes, hackers try to upload malicious files. The warning you receive is a signal that something may be wrong. Seeing that these files belong to a specific plugin, it is safe to assume that these files are not malicious but simply leftover due to reasons I mentioned before.

- To resolve the warning, you can manually remove the files listed in the warning message. Downgrading to a lower version of e107 is not going to solve this issue, and is not recommended at all.
 

If you continue to have any issues, please visit us in the Gitter chatroom and we'll help you out: https://gitter.im/e107inc/e107

Please log in or register to answer this question.

Know someone who can answer? Share a link to this

...

e107 Q&A is a Question and Answer platform where e107 users can ask questions themselves and answer each others questions. By doing so users can earn badges and points and become e107 experts.

This community platform is a valuable tool for sharing and gaining knowledge on e107. Go ahead and find out yourself!

Connect with us