What sound strange to me is 2 hacked sites for 1 webmaster at the same time.
Are these website on the same fileserver ?
Same hoster ?
Anyway please use contact rather forum on security alerts.
Note: Contact is available in footer.
I suppose you have Piwigo 2.1.0 or 2.1.1 (because the HTML loads themes/dark/theme.css)
This is very important to know if the hacker used a security vulnerability in Piwigo or somewhere else. Please keep us informed and don't reveal the failure publicly before we have a fix for it. Contact us by email : "contact" /at/ "piwigo.org".
Which Piwigo version are you running?
Did you get it from our site, or from somewhere else?
Depending on the volume of data you have on your sites (3 weeks is not much ...) it might be easier to reinstall from scratch, or to do a dump of the database and reimport it in a new installation.
I have decided to remove the corrupted index.pho from the root of the first site.
The site claiming responsibility for the attack is http://bgdad.webs.com/
I can get into the admin panel ok after copying the original index.php into the root directory.
I installed Piwigo on two sites about 3 weeks ago.
The two sites are
(which I have left as it was after the attack)
(which I have replaced the index.php in the root directory from the initial package.
Can anyone assist with getting the index.tpl file error message sorted.
And is there anything that I should do to prevent another attack.