Security issue? Form open for hacking?

I had some strange activity on my site yesterday; illegal e-mails to be more specific.
Via cPanel I found that there is an invite-form accessible even if I have turned off everything related to invites in Event Booking:
No hits when searching the forum for this.

I'm running version 1.5.3 on Joomla 1.5.9

Last Joomla version is 1.5.26 I suggest to update your site.

I do belive I wrote that I'm running Joomla 1.5.9 and Event Booking 1.5.3...

Hi Petter

Could you please submit a support ticket sending us administrator and FTP account of your site ? We will check and get it solved for you.

Regards,

Ossolution Team

Hi Tuan,

I would prefer to have an explanation and a solution via the forum, if possible? This way others will benefit as well.

Rgds,

Petter

Hi Petter

Yes. We can discuss about this issue in this public forum, that's now problem .

Basically, at the moment, when you choose to hide invite friend button, the system will only hide the button itself on the page so that users won't be able to see and access to invite function. It doesn't actual "hide" the code itself. So the solution is that we will need to edit the code alitle to redirect users to homepage if they try to access to that function bu accessing directly to the URL.

This is not really an urgent issue, so I will work on this weekend. Will that be OK for you ?

Tuan

Hi Tuan,

Sounds fine, how about adding Captcha to this form?

Petter

On a side-note; I posted another topic Wednesday this week that seems to have been deleted? Can it be restored or do I have to post again?

Hi Petter

Adding captcha wil be good solution. But it will take me more time. For now, I think I won't add it, maybe in the next two weeks, pretty busy these days.

For your other topic, I am afraid of we could not recover it. Could you please re-post it? Our forum is spammed so much these days and we usually have to delete spam posts and that might be the reason the post was deleted. Really sorry

Tuan