I had been using XOOPS 2.0.17 since a long time. In the recent days it got attacked by some hackers. After several attempts of recovery I decided to install XOOPS latest stable release thinking, it might have better security.
I just installed XOOPS 2.4.4 in a fresh domain. Just after installation I got security warning
Trojan: JS/Gamburl.E
Perhaps its in XOOPS js file.
I am not too much expertise, what should I do? Does some one else had some sort of same issue?
Is XOOPS not secure? I think yes its not secure, so I am just going to leave it, should I?

Quote:

How did you get this warning? Pointing to which file? What was the exact text?

Quote:

XOOPS is very secure, if installed correctly, and if using the Protector module. Otherwise you would be hearing constantly on the Web about XOOPS security flaws.

Of course, there is never a guarantee that a new way won't be found to break in, but as soon as we're aware of it, we fix any vulnerabilities.

Please also note that in many cases it was not the XOOPS itself, but the Apache server, that was used as entry point for the hacker.

See this info for more info about increased security.

I received that warning through Microsoft Security essentials Alert. It says detected items:
Trojan: JS/Gamburl.E
Items: file: C:\Users\....\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GAVVQM6V\xoops[1].js

And yes I am already using Protector module.

How did the file got there? Did you placed it there, or somebody uploaded it there?

It could be very much that your server is already compromised, i.e. the hacker has cracked your password, and can upload the files there anytime he wants. In such a case, regardless what new version of XOOPS you upload there, they will have the access to your Server.

You should change immediately all you passwords to the server, check the server logs, to see how the file got there...