close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

 

WebAssist ForumsArchivePowerCMSSecurity problem - repeated hacking

Security problem - repeated hacking

Thread began 9/17/2011 11:24 am by Jade but not jaded | Last modified 9/19/2011 9:20 am by Jade but not jaded | 5067 views | 11 replies

9/17/2011 11:24 amJade but not jaded

Security problem - repeated hacking

Hi there,

I'm using Power CMS (I think 1.02) on a client site.

Today is the third day in a row we've been hacked with exactly the same exploit.

We've spoken to server support (InMotion Hosting) and have changed file permissions to lock them.

But somehow the hack keeps happening. They're deleting all the files and creating their own files which include something called "egy_spider" exploit. I don't know if that's related to the vulnerability their exploiting or if it's simply the exploit they're pursuing, but I am attaching that file as a zipped PDF with this post, in case it's useful for reference.

Anyway, InMotion hosting has told us that they believe it's a vulnerability in the CMS that's allowing a PHP injection.

I've browsed the forum and the only related post I can find is about the security issue - server asset folder (showthread.php?t=22506).

I've applied that fix, but am wondering if there's something else I should be doing to secure the installation.

Please help if you can.

Cheers,
Jade

Attached Files
hacked-file.zip

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Everything else!

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

go to page top
Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...