Vulnerability in some files on our CMS

2 posts by 2 authors in: Forums > CMS Builder
Last Post: April 17, 2012   (RSS)

Re: [markrudloff] Vulnerability in some files on our CMS

By Dave - April 17, 2012

Hi Mark,

It looks like you're using Article Manager 2. There's no known security vulnerabilities in Artman2, usually how hackers gain access to a website is through old open-source scripts that has security vulnerabilities (email forms, wordpress, gallery scripts, etc). And once they are on your site, they often have the same access you would have when you FTP in, so they can add code anywhere.

Here's some steps to get you sorted:

1) Email your host and let them know you are looking into this and will have an update for them shortly. Also, can you ask them how they are detecting the hacked code and/or what program they are using?

2) We don't offer support for this situation because it's not caused by our software. However, I'm working on a new security scanner product so if you email me direct at dave@interactivetools.com with your FTP info I can use our beta version to detect issues and try to help. (Note: DO NOT post FTP info to the forum!).

3) Next, we need to either replace those infected files with originals (if you have a backup) or manually clean them.

4) You need to find the entry point, if you have any old script or script dirs you aren't using try removing them. Or even safer, just rename them to start with _old_. That will prevent hackers from finding them and make it easy to rename them back if you renamed the wrong thing.

5) If you have any 3rd party scripts that you need to use, make sure you're using the latest version and upgrade them if needed.

Hope that helps! Email me direct and we can work out the next steps.
Dave Edis - Senior Developer
interactivetools.com