SMF 2.0.18 has been released! Please update. Read more.
Started by Stirius, July 01, 2020, 06:50:46 PM
Quote from: Illori on July 02, 2020, 05:39:47 AMdo you have your profile or others set to show their email address? if so anyone registered can click on the envelope and send their messages. other then editing the templates to remove that there is no global way i am aware of to remove that function.
Quote from: Deaks on July 02, 2020, 06:06:35 AMthe only way would to manually check the code for anything that looks wrong, from experience you can usually see code that shouldnt be their.The only way they could have done it is inject code into one of the files, we can see you have patched it correctly, however their is no-way to know when it was added without going through your own server logs. But you need to go through all your siles to see what has been added if anything. If nothing has been added to your smf files then they could be spoofing their IP to make it look like its coming from your server.
Quote from: vbgamer45 on July 02, 2020, 09:20:45 AMDepending on your php version if you have a copy of one of the spammed emails.You might be able to see the originating script from the email headers. Should not the php script used if you have that fetured turned on in PHP.