Possible security breach on my cms site

[davids355]

Hi All, (edit : actual site names removed by Pierre)

I think somehow someone has hacked into my templates on mycms made simple site (http://www.site.co.uk)

I have just logged in and I found this code:

El ultimo jugador de texas poker en linea es el que mas ventaja tiene de su lugar en la mesa.Le Video Poker en ligne est un jeu passionnant et que l�on retrouve dans de nombreux poker en ligne et sous de nombreuses formules.

It was pasted just below the body on both my templates. I am wondering if somehow a file on the server has been hacked into, is this possible or likely?

Many thanks

Dave

[milehigh]

Looks like you need to upgrade to 1.2.5 or 1.3.

© Copyright 2004-2008 - CMS Made Simple. This site is powered by CMS Made Simple version 1.2.4

[davids355]

Is the new version more secure then I take it?

I think I have an idea what it may have been anyway - I installed ajavascript widget just before it happened - maybe that had some malicious code in it?

Anyway, I will think about upgrading. But Im still scared to do so - does it involve much work? And do I need to backup and restore database/files or anything? Because Im still not happy I know what Im doing when it comes to backups - I backup the database from1and1 control panel, but there are alot of options that can be ticked but arnt, not sure if I need anyof them??...

[Pierre M.]

Yes, you need to upgrade and to read all cmsmadesimple.org.
Hint : the low traffic blog has an RSS feed.

Pierre M.

[hotaru]

Upgrading is very easy and is explained in the documentation here:

http://wiki.cmsmadesimple.org/index.php ... /Upgrading