I'm running Serendipity 0.9-beta1 and PHP 4.3.11 on a hosted server, and when I go to my page, I get a whole bunch of popups to download 'app.wmf'. When I check out the source to my page, I have this at the beginning:
Seems to be some sort of a redirect to apokalipsis.biz? And also click.hotlog.ru. I haven't looked into it very far yet, as I'm making a copy of everything before I start messing with it. Has anyone see this before? I'll post a link to my blog as long as everyone promises not to go there with IE
Made the Smarty/libs dir 777. Oops. Live and learn I guess. Just deleted it and replaced it with the directory out of the latest release (and made it 555), since I don't have the old beta release around. Probably should replace the rest of the files, but for now it seems to work fine. Hope my mistakes help someone
Hm, where did the snippet then come from? Was it injected into your Smarty files or templates?
If the code was inside of the template or smarty files it means someone hacked your webspace to gain file access; this could happen again in the future if not properly paid attention to. Are you hosted on a server with many other sites? Are you using any other PHP/CGI applications on your host?
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
