Website hacked (Gesior acc)

[lycefur]

Ohai. My website has just been hacked, the hacker changed content of buypoints.php (woot?) and had access to GOD account(woot?), he modified the news. Any ideas how was it possible? Thanks to exploit in guilds? I think I deleted news ticker and I have no 'houses'. I removed this exploit in guilds but still wondering HOW...
I changed all passwords. I have a firewall too, scanned my computer with avast and spybot s&d, no viruses found.

Any tips for future?

 

[cirtaboy]

You forgot to password the PMA account.

 

[lycefur]

I guess PMA stands for phpmyadmin, I have a really good password here...

 

[Pietia]

it's an user in mysql.

 

[lycefur]

What is an user in mysql? What do you mean?

 

[rockseller]

Do this to prevent further hacks:
http://otland.net/f14/warning-everyone-whos-running-xampp-15321/

But i must tell you that there could be other reasons behind the hack, but if you are running your website under MySQL (Xampp package), thats the most reasonable explanation

 

[lycefur]

Yes I was running my site under MySQL. Thanks a lot every1 of you for help. I hope my site is safe now. Rep+ every1

 

[Delirium]

I guess PMA stands for phpmyadmin, I have a really good password here...

Yes, that's what it means. However, the PMA user is the control user of phpMyAdmin which by default has no password specified (on the latest xampp version though, you can set a password to it when you also set a password for the xampp directory for the first time)