Can anyone advise how I can plug this hole.
My site is www.anandamarga.org.uk, xf-section runs the vegetarian cookbook. Anonymous users are not allowed to modify the entries, and new users have to be accepted by the admins before being activated.
First off - I am going to upgrade to xfs 1.10
Quote:
Hi,
The following script on your hosting account has been exploited by hackers and used to execute a trojan script on our
server:
/usr/local/psa/home/vhosts/anandamarga.org.uk/httpdocs/modules/xfsection/modify.php
Since this appears to be a downloaded script, please can you check that you have the latest version and any security updates installed on your account, or take other steps to ensure that the script is secure.
If similar problems occur again then we may be forced to disable the script concerned.
Regards,
James
Purple Cloud
--
Purple Cloud :: budget hosting solutions
Website:http://www.purplecloud.net
E-Mail: enquiries@purplecloud.net