Brizy - Potential SQL Injection Attack
Hi.
It seems your PHP code has a vulnerability which is allowing attackers to send spam via the PHP logs. Please help me find and fix this immediately.
[27-Dec-2023 09:44:03 UTC] PHP Warning: chmod(): No such file or directory in C:\Websites\mysite\www\wp-admin\includes\class-wp-filesystem-direct.php on line 173
[27-Dec-2023 13:07:11 UTC] WordPress database error Illegal mix of collations (utf8mb3_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' for query
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (((wp_posts.post_title LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_excerpt LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_content LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%'))) AND (wp_posts.post_password = '') AND ((wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'page' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'attachment' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'product' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'faq' AND (wp_posts.post_status = 'publish')))
ORDER BY (CASE WHEN wp_posts.post_title LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%' THEN 2 ELSE 6 END), wp_posts.post_date DESC
LIMIT 0, 10
made by require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->query, WP_Query->get_posts
[27-Dec-2023 13:07:18 UTC] WordPress database error Illegal mix of collations (utf8mb3_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' for query
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (((wp_posts.post_title LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_excerpt LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_content LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%'))) AND (wp_posts.post_password = '') AND ((wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'page' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'attachment' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'product' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'faq' AND (wp_posts.post_status = 'publish')))
ORDER BY wp_posts.post_title DESC
LIMIT 0, 1
made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/plugins/brizy/public/views/templates/brizy-blank-template.php'), do_action('brizy_template_content'), WP_Hook->do_action, WP_Hook->apply_filters, Brizy_Admin_Templates->showTemplateContent, Brizy_Admin_Templates->getTemplateContent, apply_filters('brizy_content'), WP_Hook->apply_filters, Brizy_Editor->brizy_content, Brizy_Content_MainProcessor->process, Brizy_Content_DynamicContentProcessor->process, BrizyPlaceholders\Replacer->replaceWithExtractedData, BrizyPro_Content_Placeholders_PostLoop->getValue, BrizyPro_Content_Placeholders_AbstractPostLoop->getPosts, BrizyPro_Content_Placeholders_AbstractPostLoop::createWpLoopQuery, BrizyPro_Content_Placeholders_AbstractPostLoop::getWpQueryParams, BrizyPro_Content_Placeholders_AbstractPostLoop::getOffsetPostIds, WP_Query->__construct, WP_Query->query, WP_Query->get_posts
[27-Dec-2023 13:07:18 UTC] WordPress database error Illegal mix of collations (utf8mb3_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' for query
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (((wp_posts.post_title LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_excerpt LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%') OR (wp_posts.post_content LIKE '%高通過率的GMAT 下載 - Admission Tests GMAT 真題材料:Graduate Management Admission Test最新發布 🥵 ➠ www.newdumpspdf.com 🠰上的免費下載▛ GMAT ▟頁面立即打開GMAT考試資訊%'))) AND (wp_posts.post_password = '') AND ((wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'page' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'attachment' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'product' AND (wp_posts.post_status = 'publish')) OR (wp_posts.post_type = 'faq' AND (wp_posts.post_status = 'publish')))
ORDER BY wp_posts.post_title DESC
LIMIT 0, 3
made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/plugins/brizy/public/views/templates/brizy-blank-template.php'), do_action('brizy_template_content'), WP_Hook->do_action, WP_Hook->apply_filters, Brizy_Admin_Templates->showTemplateContent, Brizy_Admin_Templates->getTemplateContent, apply_filters('brizy_content'), WP_Hook->apply_filters, Brizy_Editor->brizy_content, Brizy_Content_MainProcessor->process, Brizy_Content_DynamicContentProcessor->process, BrizyPlaceholders\Replacer->replaceWithExtractedData, BrizyPro_Content_Placeholders_PostLoop->getValue, BrizyPro_Content_Placeholders_AbstractPostLoop->getPosts, BrizyPro_Content_Placeholders_AbstractPostLoop::createWpLoopQuery, WP_Query->__construct, WP_Query->query, WP_Query->get_posts-
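The log lines above are worth parsing rather than eyeballing. The spam text sits inside a quoted LIKE literal of an otherwise well-formed WordPress search query, and the error is MySQL refusing to compare a utf8mb3 column with a utf8mb4 literal (the emoji in the search term cannot be represented in utf8mb3), not a SQL injection. The following Python is an added example, not code from this thread or from Brizy. It parses a constructed debug.log sample modelled on the lines above, pulls out the search term, the two collations and which code path issued the query (front-end search versus the Brizy post loop), and tallies the domains the spam is advertising so they can be blocked or monitored.

```python
"""Parse WordPress debug.log "Illegal mix of collations" entries.

Added example, not code from the thread or from Brizy. The sample log below is
constructed (spam text shortened) to match the shape of the quoted lines.
"""
import re
from collections import Counter

SAMPLE_LOG = r"""[27-Dec-2023 09:44:03 UTC] PHP Warning: chmod(): No such file or directory in C:\Websites\mysite\www\wp-admin\includes\class-wp-filesystem-direct.php on line 173
[27-Dec-2023 13:07:11 UTC] WordPress database error Illegal mix of collations (utf8mb3_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' for query
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (((wp_posts.post_title LIKE '%GMAT 真題材料 🥵 ➠ www.newdumpspdf.com 🠰 免費下載%') OR (wp_posts.post_content LIKE '%GMAT 真題材料 🥵 ➠ www.newdumpspdf.com 🠰 免費下載%'))) AND (wp_posts.post_status = 'publish')
ORDER BY wp_posts.post_date DESC
LIMIT 0, 10
made by require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->query, WP_Query->get_posts
[27-Dec-2023 13:07:18 UTC] WordPress database error Illegal mix of collations (utf8mb3_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' for query
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (((wp_posts.post_title LIKE '%Cheap exam dumps 💊 www.example-spam.test today%'))) AND (wp_posts.post_status = 'publish')
ORDER BY wp_posts.post_title DESC
LIMIT 0, 1
made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/plugins/brizy/public/views/templates/brizy-blank-template.php'), do_action('brizy_template_content'), BrizyPro_Content_Placeholders_AbstractPostLoop::createWpLoopQuery, WP_Query->__construct, WP_Query->query, WP_Query->get_posts
"""

# Every entry starts with a "[dd-Mon-yyyy hh:mm:ss TZ]" line; queries span several lines.
ENTRY_START = re.compile(r"^(?=\[\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2} [A-Z]+\])", re.MULTILINE)
TIMESTAMP = re.compile(r"^\[([^\]]+)\]")
COLLATIONS = re.compile(r"Illegal mix of collations \((\w+),(\w+)\) and \((\w+),(\w+)\)")
LIKE_TERM = re.compile(r"LIKE '%(.*?)%'")          # first LIKE literal = the search term
DOMAIN = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.IGNORECASE)
TRACE = re.compile(r"^made by (.*)$", re.MULTILINE)


def split_entries(text):
    """Split a debug.log into entries, each beginning with its timestamp line."""
    return [e for e in ENTRY_START.split(text) if e.strip()]


def charset_of(collation):
    """Charset prefix of a collation name; MySQL's 'utf8' is an alias for utf8mb3."""
    prefix = collation.split("_")[0]
    return "utf8mb3" if prefix == "utf8" else prefix


def parse_entry(entry):
    """Return a record for a collation error, or None for any other entry (e.g. the chmod warning)."""
    coll = COLLATIONS.search(entry)
    if not coll:
        return None
    ts = TIMESTAMP.match(entry)
    term = LIKE_TERM.search(entry)
    trace = TRACE.search(entry)
    trace_text = trace.group(1) if trace else ""
    if "brizy" in trace_text.lower():
        source = "brizy_post_loop"       # query issued from a Brizy placeholder
    elif "WP->query_posts" in trace_text:
        source = "wp_search"             # ordinary front-end ?s= search request
    else:
        source = "unknown"
    term_text = term.group(1) if term else None
    return {
        "timestamp": ts.group(1) if ts else None,
        "column_collation": coll.group(1),    # IMPLICIT side: the column
        "literal_collation": coll.group(3),   # COERCIBLE side: the query literal
        "term": term_text,
        "domains": sorted({d.lower() for d in DOMAIN.findall(term_text)}) if term_text else [],
        "source": source,
    }


def parse_log(text):
    return [r for r in (parse_entry(e) for e in split_entries(text)) if r]


def spam_domain_counts(text):
    """How often each advertised domain shows up in failing search terms."""
    counts = Counter()
    for rec in parse_log(text):
        counts.update(rec["domains"])
    return counts


def needs_collation_fix(records):
    """True when column and literal disagree on charset (utf8mb3 vs utf8mb4), i.e. the schema fix applies."""
    return any(charset_of(r["column_collation"]) != charset_of(r["literal_collation"]) for r in records)


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for r in recs:
        print(r["timestamp"], r["source"], r["column_collation"], "vs", r["literal_collation"], r["domains"])
    print("domains:", dict(spam_domain_counts(SAMPLE_LOG)))
    print("schema collation fix needed:", needs_collation_fix(recs))
```

Pointing this at a real debug.log gives two separate actions: the domain tally feeds a search rate limit or WAF rule for the spam, and `needs_collation_fix` confirms that the errors themselves stop once the columns are on utf8mb4, which is the fix the thread ends with.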
Hi Matthew,
Thank you for reaching out to us.
Could you also please provide us credentials to the affected website? Please add us as an Admin user to your WordPress Dashboard and send the following details to: communitysupport@brizy.io
Community Post link: https://support.brizy.io/hc/en-us/community/posts/16188472372370
WordPress Admin URL:
Username:
Password:
Please make a full backup of your site as a precaution.
Also, could you share more details about the specific vulnerability you're encountering? This will help us understand the nature of the issue and escalate it to our senior support team.
Best regards,
Ariel H.
Sorry, but I cannot give you access to my website as it's a breach of our privacy policy. From the information I have provided to you, can you tell me any critical information as per what file may be compromised? Perhaps provide me with a checksum of the file causing the injection attack so I can compare it with your vanilla/production value to ensure the integrity of mine isn't altered. I'd highly recommend that you please put me in contact with your senior support programmer so I can work with them to resolve the issue. Thanks.
Hi Matthew,
Thank you for the update.
I have created a private ticket and forwarded your request to one of our colleagues for further assistance. They will reach out to you as soon as possible.
Best regards,
Ariel H.
This was resolved by changing the database collation to utf8mb4_unicode formatting.
Make a backup of your database before running the following MySQL script. If you don't know what you're doing then don't run this script since it will change all tables to a different collation.
SELECT CONCAT("ALTER TABLE ",TABLE_SCHEMA,".",TABLE_NAME," CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;")
FROM information_schema.TABLES
WHERE TABLE_SCHEMA="wp_project_name";
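The SELECT above only prints the ALTER statements; you still review them and run them yourself. As an added example (not the poster's script or Brizy code), the Python below does the same planning step offline from constructed rows shaped like information_schema.TABLES: it restricts itself to one schema, skips tables already on the target collation, backtick-quotes identifiers, and emits CONVERT TO CHARACTER SET, which converts the existing text columns, whereas a bare CHARACTER SET ... COLLATE ... clause only changes the default used for columns added later.

```python
"""Plan a per-table collation conversion for a WordPress schema.

Added example, not the poster's script or Brizy code. The rows are constructed
to look like (TABLE_SCHEMA, TABLE_NAME, TABLE_COLLATION) from information_schema.TABLES.
"""

TARGET_CHARSET = "utf8mb4"
TARGET_COLLATION = "utf8mb4_unicode_ci"

# Constructed sample rows (schema name "wp_project_name" taken from the posted script).
SAMPLE_TABLES = [
    ("wp_project_name", "wp_posts", "utf8mb3_general_ci"),   # the column set the log complained about
    ("wp_project_name", "wp_options", "utf8mb4_unicode_ci"), # already on the target, skipped
    ("wp_project_name", "wp_users", "utf8_general_ci"),      # 'utf8' is MySQL's alias for utf8mb3
    ("other_db", "accounts", "latin1_swedish_ci"),           # different schema, never touched
]


def quote_ident(name):
    """Backtick-quote an identifier, doubling embedded backticks so no name can break the statement."""
    return "`" + name.replace("`", "``") + "`"


def plan_collation_fix(rows, schema, charset=TARGET_CHARSET, collation=TARGET_COLLATION):
    """Return the ALTER statements for tables in `schema` that are not yet on `collation`.

    CONVERT TO CHARACTER SET rewrites existing CHAR/VARCHAR/TEXT columns; the
    shorter 'ALTER TABLE ... CHARACTER SET ... COLLATE ...' form only sets the
    table default and leaves existing columns (and the error) as they are.
    """
    statements = []
    for table_schema, table_name, table_collation in rows:
        if table_schema != schema or table_collation == collation:
            continue
        statements.append(
            f"ALTER TABLE {quote_ident(table_schema)}.{quote_ident(table_name)} "
            f"CONVERT TO CHARACTER SET {charset} COLLATE {collation};"
        )
    return statements


def render_script(statements):
    """Join the statements into a script with a reminder header; DDL in MySQL auto-commits, so back up first."""
    header = "-- Review before running. Take a full database backup first; each ALTER commits on its own.\n"
    return header + "\n".join(statements) + ("\n" if statements else "")


if __name__ == "__main__":
    print(render_script(plan_collation_fix(SAMPLE_TABLES, "wp_project_name")))
```

Feed the rendered script to the mysql client only after the backup the post insists on. One caveat worth checking first: on older MySQL/MariaDB builds that still enforce the 767-byte index prefix limit, converting an indexed VARCHAR(255) column to utf8mb4 (four bytes per character) can fail, so large text-keyed plugin tables may need their key lengths reviewed before the conversion.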