Security Breach in CMSMS website?

[rodel]

Hi all,

While googling for a new CMSMS theme I found this
_themes.cmsmadesimple.org/uploads/ctrlH/notes/9485.html
or
_themes.cmsmadesimple.org/uploads/ctrlH/

It looks like a spammer modified a theme and added an affiliate link to a spyware website?

I think admins should remove the above.

[rodel]

Look like no one cares about this problem?? Eh

In google search enter:

spy inurl:themes.cmsmadesimple.org


There are hundreds of pages with the same affiliate link and because the CMSMS website is old and respected in google's eyes the spam pages with affiliate links are rank very high in google search for many competitive keywords...

The CMSMS website may be banned by google for spam one day..

Fight SPAM! CMSMS developers looks at this problem.

[paulbaker]

In google search enter:

spy inurl:themes.cmsmadesimple.org

Hmmm, I see what you mean. See screenshot. That's not good. I hope someone can fix it.

[Rolf]

We have found the folder and removed it several times. We didnt ignore the appreciated warnings from you.
Problem is the folder is coming back to the server, so the real issue is still there... As you probably know our old webserver is hacked and we are transfering all sites to the new one. The Themes website however is still on the old one... But at the moment we dont have the man power to do this last transfer. Knowing Ted lives in the 'Sandy' area and DrCss is in the middle of moving himself. I try to delete the folder again when I have a moment.
Thanks for your warnings and (hopefully) patience!

Rolf

[Dr.CSS]

Search using that bit of text no longer produces those results, so it is fixed...