my site overunity.de was hacked with SMF 2.08 and PMX 1.51 ecl
They used the path:
to upload some Ali(1)ASP.JPG
fake pics and then executed them via some
PHP files also uploaded there into the
Images or Media oder File subfolder... !
Pay attention to the Permission that you give these folders !
I have updated now to SMF 2.09 and PMX 1.52 ecl and
hope these security issues are fixed !
It seems they only made traffic, but did not delete any files...