Versions of the TimThumb script prior to 1.34 have a serious security vulnerability. Here’s a one-liner to find the versions of all TimThumb installs on a server:
find . -name '*.php' -exec grep -q TimThumb {} \; -exec grep "'VERSION'" {} \; -print
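The following is an added example, not part of the original post: it extends the one-liner so that each TimThumb copy is reported with its version and flagged when it is below 1.34. The function names `version_lt` and `timthumb_audit` are hypothetical, and the script assumes the version sits on the `'VERSION'` line that the one-liner greps for.

```shell
#!/bin/sh
# Added example: audit TimThumb copies under a directory and flag old versions.
# Assumption: the version is declared on a line containing 'VERSION' followed by
# a dotted number, which is the line the one-liner above greps for.

FIXED_VERSION="1.34"   # threshold taken from the text above

# version_lt A B: succeed when dotted version A is lower than B.
# Fields are compared numerically one by one, so 1.09 < 1.33 < 1.34 < 2.8.10.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            p = (i <= n) ? x[i] + 0 : 0
            q = (i <= m) ? y[i] + 0 : 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1
    }' </dev/null
}

# timthumb_audit DIR: print "STATUS VERSION PATH" for each PHP file mentioning TimThumb.
# STATUS is VULNERABLE (below 1.34), OK, or UNKNOWN (no version line found).
timthumb_audit() {
    find "${1:-.}" -type f -name '*.php' -exec grep -q TimThumb {} \; -print |
    while IFS= read -r file; do
        ver=$(sed -n "s/.*'VERSION'[^0-9]*\([0-9][0-9.]*\).*/\1/p" "$file" | head -n 1)
        if [ -z "$ver" ]; then
            status="UNKNOWN"; ver="-"
        elif version_lt "$ver" "$FIXED_VERSION"; then
            status="VULNERABLE"
        else
            status="OK"
        fi
        printf '%s %s %s\n' "$status" "$ver" "$file"
    done
}
```

Source the file and call `timthumb_audit` with the web root to check; files reported as UNKNOWN mention TimThumb but carry no recognisable version line and need a manual look.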