Once more: Update your site a.s.a.p.
Posted by muscapaul on 11/13/2008

---

Please be advised that the person(s) responsible for attacking the PHPFusion sites through the search vulnerability is still active, even though a fix is made available. The raw access logs from my own site, even though upgraded to v7.00.1, show five (5!) different attempts in the last 15 hours to inject data into the databse. As no rogue files or additional SA's were found, it is clear the new files have closed the vulnerability.

Also check the news items below.