Hello,

Our docebo site www.eclass4u.com has hacked with sombody. They said this is the hacked person " eBay Offer for "Callaway Tour Blue 35" Putter. We had started docebo forum. They have send lot of spam mail from our docebo site.

We got one mail from hosting company see that:

 

They have send details to me :
 Unfortunately for a hacking issue there is nothing we can do about this.
make sure you have all your files backed up and every time you get hacked, simply replace the files effected.
you can also make sure that if you have any installation like wordpress, phpBB, phpNuke, and so on that they are the current updated version and not an older version. the older visions have security holes and are venerable to hacking.
Also Chances are if your using php that there are issues with your php scripts on your site. You need to make sure that you have looked into the security protections on your php files. php injection is the most likely avenue.

Then I removed all docebo files. and mysql db. after that they have actiated our site. now it is working without docebo.
Now i want to say onething. Pls see this site also. www.egoverning.net. goto this site you can see our site has deactivated for this issues.

Pls help me. How can i solve this isssue.
 

Writted by: VG Rishi

We had started docebo forum.

Did hackers say above sentence ?
Could you please explain more about their messages ?
Could you track last IP addrress that visited your website or server ?

I have found just this issue related to 3.5.0.3 in web :
http://www.securityfocus.com/bid/27211
As I know you are a Docebo translator . So you can discuss about it in google group to get answers from Docebo authors and staff .
Regards

Our hosting account supporter said "

You have a phishing site on your account.
http://egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP
http://www.egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid> &UsingSSL=1&email=&userid=

The programs that operate database-driven sites are vulnerable to hackers, who can (and do) exploit bugs in those programs to gain unauthorized access to your site.

Thene I removed all docebo file and phpmysql db. after that they have reactivated our site. I checked the docebo sql files it is went more that 50mb file size. So ican't backup the the db also. I have created this sites for tamil docebo marketing and anothe one for India international software developer conference (www.indiasoft2008.com) But all files gone.  That conferene will held on march 19th 2008. We decided to show docebo on there conference (last year we showed docebo on this conference without video and audio) Now we have created video, flash online interactivity tools ( our own online interactivity tools). It is developed by FMS3. Anyway I am trying to recover those sites from my mind.
Rishi
www.vgrishi.com

Writted by: Omid

Writted by: VG Rishi

We had started docebo forum.

Did hackers say above sentence ?
?

You forgot answer it ! and was http://egoverning.net/cacas/ your Docebo main root or it`s created with hackers !?

Hello All,

Please see the following messgaes form our hosting company.  Our docebo site all hacked. wherever we had installed docebo all site has hacked.

Docebo team please check this issue.

Following message from our Hosting company. ( alread i have shown one message from bluehost)

Also we have suspended your site worldtamilnet.com as it is being used to hack into our server. The docebocms is being used for the hack purpose, so you are requested to remove any docebo installations you have on any of your domains as it is a vulnerable application.