JoomDonation Hacked Email

everybody has to be in same topic.
joomdonation.com/forum/events-booking-ge...s-to-joomdonati.html
please go and check

Hi

I'M new to this forum, please advice how I get a ticket - i also received this email and I'm very worried as I'm unsure which of the joomla pluggings I used would have been effected. Thank you

I also received this email regarding JoomDonation. Currently I'm using it on one site I designed for a client. Do you recommend I disable it until this is resolved?

Also worried about payment info since they have my full name and email address. Please advise asap on how to handle this.

Anna

Tuan,

Please give us an update on this. It's been several hours of worry for many on this thread. Thanks.

An update like this one?

joomdonation.com/forum/questions/45068-i...-security-issue.html

Me too.
I think you guys should send an email to all your users, this got me pretty scared,

I also got the email and I think we all want assurance that all Joomdonation software is safe and secure.

I also think this thread should be made sticky at the top of the forum explaining was has happened and what steps you have taken to remedy it.

My site was hacked and i almost lost my hosting account! Is this sorted? This guy says we have 5 days to delete the component......

Also got the email. Funny thing though that I got it on an email address I used for presale questions - and not on the one I used when I purchased booking system.

I downloaded my site and did a full local scan with Eset NOD32. I downloaded Malwarebytes and did a scan of the site and nothing came up.

Also... why notify and not give an alternative. It's all hot air just to bring down a system that actually works because they can't compete.

I have used it for 2 years and even had extra development done for the South African payfast gateway and it's been seamless. A bit of a coding workaround initially with branding on tickets emailed to users but once done, it worked.

I'm not afraid of the Payment details, as they could NEVER be an issue as that is done on the ACTUAL payment gateway itself (ie outside of bookings system on PayPal or in my case PayFast aswell)

Recieved the same email.

I just scanned my site using RSFirewall component. It scans for every known hack inside the code, including php scripts embedded in image files, but found no real threats.

It found two suspicious pieces of code inside 'administrator/components/com_jdonation/view/fields/tmpl/default.php' on lines 76 and 78:
This seems pretty straight forward Joomla list sorting code, but maybe there's something else in there.