1) Upgrade your version of CMS-MS to the latest version immediately.
2) If you're running Apache, consider using the .htaccess file described in the wiki.
3) Watch your uploads directory for extraneous files (html and php files, plus subfolders of images/scripts/etc.). Delete them.
This is surely my fault. As I said, these are sites I hadn't gotten around to updating. I'm certainly not blaming anyone involved with developing CMS-MS. I urge you to update your CMS-MS sites right away to prevent such attacks.
Tim
PS: These incidents have given me the opportunity to speak with some very "nice" security officers at some fairly large banks around the world. Fun stuff to deal with on your day off, let me tell you!
