Spamming issue with include.php
Posted: Wed Oct 21, 2009 1:48 pm
Hi -
Running a site on CMSMS v1.6.6 and I've been getting spammed. It appears that someone has appended the following code to the end of the include.php file:
Which ends up adding a bunch of nonsensical stuff to the admin area - as of now the site itself doesn't appear to be affected.
For instance, at the top of the admin login screen, you get:
Warning: Cannot modify header information - headers already sent by (output started at /mypath/include.php:507) in /mypath/admin/login.php on line 313
Warning: Cannot modify header information - headers already sent by (output started at /mypath/admin/login.php on line 314
and if you look at the source code, there's a list of spammy links. If I remove that piece of code from the include.php file, all this goes away. But my question is, how do I get this to stop?
Running a site on CMSMS v1.6.6 and I've been getting spammed. It appears that someone has appended the following code to the end of the include.php file:
Which ends up adding a bunch of nonsensical stuff to the admin area - as of now the site itself doesn't appear to be affected.
For instance, at the top of the admin login screen, you get:
Warning: Cannot modify header information - headers already sent by (output started at /mypath/include.php:507) in /mypath/admin/login.php on line 313
Warning: Cannot modify header information - headers already sent by (output started at /mypath/admin/login.php on line 314
and if you look at the source code, there's a list of spammy links. If I remove that piece of code from the include.php file, all this goes away. But my question is, how do I get this to stop?