I done a few sites in PHPTAL. When I today visit one of them - I saw an
error:
exception 'PHPTAL_Exception' with message 'Invalid element name
'ohhe.length;qhxk+=3){ifdm+=rkfg(ohhe.substr'' in
/inc/PHPTAL-1.1.14/PHPTAL/Dom/Node.php:107 Stack trace: # etc...
When I check code, I find in main
On 12-02-2009 at 14:23:37 Szymek Przybył apocalyp...@gmail.com wrote:
exception 'PHPTAL_Exception' with message 'Invalid element name
'ohhe.length;qhxk+=3){ifdm+=rkfg(ohhe.substr'' in
/inc/PHPTAL-1.1.14/PHPTAL/Dom/Node.php:107 Stack trace: # etc...
Code has been injected into your template
It sure looks like there is a security hole in those servers, perhaps it's a
bug on some web software running in them (Wordpress, Joomla, phpMyAdmin...)
which allows the attacker to modify files writable by the web server.
Review the last modified date of the affected files and then search for
