Be Wary of Uploadify.php

I recently had one of my security plugins lock out an IP address for getting an excessive number of 404 errors. I went into the logs and discovered that the IP address was trying to access a file called uploadify.php. It was attempting to call the file from within a variety of theme and plugin directories. Thankfully they were all plugins and themes that I don’t have but it suggests that there is a file with a vulnerability that is embedded in a variety of plugins and themes. I did a search of the file system on my server and found that none of the plugins or themes that I do have contained that file so I am safe from whatever vulnerability it might have but anyone who is concerned about security might want to see if they have a file by that name and look into what vulnerabilities it might expose.

About David

David is the father of 8 extremely organized children (4 girls / 4 boys) who is constantly seeking answers to tough questions related to parenting, education and politics while moonlighting for 40 hours each week as a technology professional. He also enjoys cooking, gardening, and sports.
This entry was posted in meta, technology and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *