My site appears to have been hacked, now I have PHP errors

[hsweet]

The site is http://misucatskills.org  There was a static page, index.php that is gone, replaced by  a non-displaying page full of Viagra and illegal software download stuff. 

Worse, I now am getting the error noted below when I go into the admin page.
Is the fix-able or do I need to re-install.  If I do reinstall, (maybe I should anyhow), can I upgrade the CMS bit without losing the site?



The server PHP5.6, MySql 5.0.45 Apache.

ERROR BELOW

xxxxxxxxxxxxxxxxxxxxxxxxx

[cyberman]

Please read this

http://forum.cmsmadesimple.org/index.ph ... 384.0.html

[Pierre M.]

Yes, smells again "somebody exploiting the bug in 1.2.4 that was fixed with 1.2.5", we bet you were not running the latest bugfix release on the wild Internet.

For further reference (along with the thread in Annoncements) : if you expose software (say CMSms) on the wild Internet you should apply security patches.

Pierre M.

[Jack @ PharSide]

This happened to one of my installs all. It WAS version 1.2.5. Gonna try and fix but this is NOT fixed in 1.2.5.

[cyberman]

Please tell us something more about this install like PHP version, installed modules, other installed software on this host account.

Have you realized security guide completely?

http://wiki.cmsmadesimple.org/index.php ... mall_Guide

[calguy1000]

Then you'll need to analyze your httpd logs and see how the person got in.... either your upgrade went bad, or there's some php environment setting that we don't know about, or there's another vulnerability.  But nothing more has been reported, and we can't help any further without more information.