CMSMS 1.8 Security Issue in index.php
Posted: Sun Jul 11, 2010 4:04 am
I've been using CMSMS for a few years now without any issue; it's a wonderful piece of software. Recently, though, I've run into the odd situation of someone injecting code into our index.php file. When I discovered this, I upgraded from 1.7.1 to 1.8 and applied the applicable settings from the security guide on this forum, but it happened again today. When this occurs, the site does not come up at all; rather, I get the following error message:
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/stjudes/stjudesbrantford.com/index.php on line 51
I'm only glad that this is something that is quite obvious when it occurs. Replacing the index.php file with a fresh copy fixes this, but I can't understand how this is happening in the first place. I have attached a copy of the infected index.php file. Would someone mind taking a look at this? Many thanks in advance.
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/stjudes/stjudesbrantford.com/index.php on line 51
I'm only glad that this is something that is quite obvious when it occurs. Replacing the index.php file with a fresh copy fixes this, but I can't understand how this is happening in the first place. I have attached a copy of the infected index.php file. Would someone mind taking a look at this? Many thanks in advance.