WebSite X5Help Center

 
Adrian G.
Adrian G.
User

Malware error in coding  en

Author: Adrian G.
Visited 2250, Followers 1, Shared 0  

Hi I have the latest version of Website X5 Evolution which I use to design clients websites.

Today I received an email from my hosting suppliers and they said that every domain designed with Website X5 Evolution is coming up with this error message.

Please Help!!

Malware scanners have detected vulnerabilities or malware in the following files, please update to latest versions of these files listed below or delete them for the protection of your account:

/var/www/vhosts/kssd.co.za/httpdocs/res/class.phpmailer.php
/var/www/vhosts/samag.co.za/httpdocs/res/class.phpmailer.php
/var/www/vhosts/komena.com/httpdocs/holidayman/res/class.phpmailer.php

I have tried reloading the domains etc but no difference.

My hosting supplier advised to get an updated version of the PHP file from you.

Any advice on how to fix this please.

Thank You.

Posted on the
4 ANSWERS
Andre E
Andre E
Moderator
Best User of the month EN

What is the size of this file exactly? Is the date the same as class.smtp.php ? it should be 119.881 (before you update)

Update to latest version -> 16.3.1

It could also be that your server password (ftp password) is hacked, change it and upload again fully. (best is to make server totally empty)

Read more
Posted on the from Andre E
Adrian G.
Adrian G.
User
Author

Hi Andre E.

Thank You for your reply, I am using 16.2.1 and will update now to 16.3.1 and test again.

I checked the date and file size as you suggested and they are the same as your info, date same, file size 119.881.

My hosting ISP has requested the following, can you assist with this please.

I will once again add a TEMPORARY lift on this file. In order to add a permanent exception we require written confirmation from the developer stating that the file is not vulnerable and a checksum of the non-vulnerable file wich will be compared to the checksum of your files.

The version of the file you are using is 5.2.9 and you need at least version 5.2.18.

You may read this (amongst other articles) https://www.fortinet.com/blog/threat-research/analysis-of-phpmailer-remote-code-execution-vulnerability-cve-2016-10033.html

Read more
Posted on the from Adrian G.
Andre E
Andre E
Moderator
Best User of the month EN

Adrian,
I will ask Incomedia to respond, because I can't give a qwritten confirmation statement. But I am sure it's save if the checksum is correct.

Best Regards,

Read more
Posted on the from Andre E
Incomedia
Stefano G.
Incomedia

Hi Adrian.

I thank you for reporting this to us.

I proceeded to notifying the developers of this, so that they can look further into it and analyze the situation properly.

For now, I can only suggest you currently ask your provider to keep the file unlocked, and I will be sure to notify you here as soon as news on this particular matter is available

Thank you again for your feedback

Stefano

Read more
Posted on the from Stefano G.