Blogs are being hacked

Topics: ASP.NET 2.0, Business Logic Layer
Apr 12 at 6:59 PM
Edited Apr 12 at 6:59 PM
Today I noticed that I've a lot of spam pages created on my blog created upon BE 3.1.1.0

I have even found a "hacked" page on the main project site: http://dotnetblogengine.net/search.aspx?q=coupon

Do you know about this issue?
Coordinator
Apr 12 at 7:18 PM
Pretty amazing - you found a page we didn't notice when cleaned site over a year ago (thanks by the way, removed) but couldn't find security patches in posts #1 and #3 :) Yes we aware, this is why those security patches released.
Apr 12 at 8:45 PM
Sorry but which posts are you refering to? Do I have to upgrade to 3.2? Thanks
Coordinator
Apr 12 at 9:08 PM
Edited Apr 12 at 9:09 PM
If you are on 3.1, then you need to apply this and this or upgrade to 3.2.
Second patch manual steps basically outlined here.