Text only | Text with Images

Simple Machines Community Forum

SMF Support => SMF 2.0.x Support => Topic started by: spiros on June 07, 2020, 04:08:19 AM

Title: 2: Header may not contain more than a single header, new line detected
Post by: spiros on June 07, 2020, 04:08:19 AM
Is this some sort of hacking attempt? It has a "redirect" in the URL.

From the error log:

Code Select
https://www.translatum.gr/forum/index.php?thememode=full;redirect=https%3A%2F%2Faiswiki.wustl.edu%2Foisshelp%2Findex.php%2FUser%3AKourtneyShockley%3F---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpAntispam%2522%250D%250A%250D%250A%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpSection%2522%250D%250A%250D%250A%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpStarttime%2522%250D%250A%250D%250A20200606172833%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpEdittime%2522%250D%250A%250D%250A20200606172833%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpScrolltop%2522%250D%250A%250D%250A%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpAutoSummary%2522%250D%250A%250D%250Ad41d8cd98f00b204e9800998ecf8427e%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522oldid%2522%250D%250A%250D%250A0%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522format%2522%250D%250A%250D%250Atext%2Fx-wiki%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522model%2522%250D%250A%250D%250Awikitext%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpTextbox1%2522%250D%250A%250D%250A[https%3A%2F%2Fcheapjerseysalonz3.blogspot.com%2F2020%2F01%2Fcheap-jerseys.html%2520wholesale%2520nfl%2520jerseys]%2520https%3A%2F%2Fwholesalejerseyslanx3.blogspot.com%2F2020%2F01%2Fcheap-jerseys.html%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpSummary%2522%250D%250A%250D%250A%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522txtSelectedCategories%2522%250D%250A%250D%250Acheap%2520jerseys%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpSave%2522%250D%250A%250D%250ASave%2520page%250D%250A---------------------------266792705836950%250D%250AContent-Disposition%3A%2520form-data;%2520name%3D%2522wpEditToken%2522%250D%250A%250D%250A5c00a56cc95e743f394b7a035c4dcf91+%255C%250D%250A---------------------------266792705836950--Apply 2: Header may not contain more than a single header, new line detected
Subs.php
Line: 2798
Title: Re: 2: Header may not contain more than a single header, new line detected
Post by: Deaks on June 07, 2020, 03:07:11 PM
I am no expert but looks like they were trying to inject something through the URL.  There does seem to be a few links in it.

Have you searched the files for any of the links being succesful?   I doubt they have but be good to check.
Text only | Text with Images