Hack or Edit by host ?

[Sy]

Earlier this week I noticed the fonts had changed on the site I created with CMSMS.  Then my client contacted me and said they'd noticed other things had changed, like the color of the title text, font size's and various php errors appearing.

I thought at first that they had edited the content as they also have the admin password for cmsms.  But after checking all the templates and styles I found nothing wrong.

I then took a loot at the source code from the browser and found a whole bunch of text injected at the front of the document, lots of links to http://www.lj-soft.com

Eventually I tracked this down to /includes.php where this text had been appended to the end of the file.  My client doesn't have a clue how to edit files and upload with ftp, so I'm wondering how could someone of done this without ftp access.

Is this a known hack and vunerability of the version I'm using or could this be something that the server host has done ?

The site is hosted with godaddy.  Site name: http://www.eska.co.uk

Once I'd removed this text everything went back to normal.

[Sy]

Sorry:

CMSMS Version: 1.1.4.1
Apache: 1.3.33
PHP:  5.2.5
MySQL: Client API 5.0.18
OS: Linux

[Dr.CSS]

That CMSMS ver. is way too old you need to upgrade to 1.2.5 ASAP, you would be best off reloading a known good DB backup now then upgrade to 1.1 then 1.2.5, any custom news templates will have to be copied to DB in News interface...