Someone hacked my web hosting account. I had phpbb2 and xoops. He changes the sending registration e-mail of my phpbb2 but suddently the e-mail registration from XOOPS now sends (the same) bad things at anyone who registers. Help me plz!

Can you check the logs and check for weird things?

I don't think the fault lays with xoops, since to modify the registration e-mail you have to get file access... I think it's better that you contact you host and notify them about this problem.

If you haven't already done so, close your site to the public and upgrade your site to v2.0.7.1. This version fixes know vulnerabilities in Xoops.

After you've successfully upgraded your site, log into your FTP account and chmod all folders on XOOPS to 555.

Exceptoins:
chmod the following as 777
/cache
/templates_c
/uploads

chmod the following 444
mainfile.php

If you're not familiar with chmod, here's what the values mean:

777 = read/write/excecute by all
555 = read/excecute by all
444 = read by all

You should also check the phpBB site / documentation to ensure that your forum is the most recent version, and the permissions on your forum's files are correct. The controls in the Admin panel are not the only factors you need to consider.

This kinda thing is more common on shared hosting plans, so as mentioned above, contact your host.

But also understand that the cracker more than likely has root access and is able to cause havoc with any file on the server. You mention that your XOOPS and phpbb sites were both hacked. I'll bet other user's sites were cracked too.

Tighten up XOOPS for sure but don't think that it can't happen again if the server itself is at risk still.

Watch those logs.

How can i see my XOOPS version and where to download the updated version? (if need to)

You can find the version number in the bottom of your admin control panel. The latest version can be found here on xoops.org, just follow the big red link at the top of the homepage.

Herko