June 29th, 2004, 08:50 PM
#1
Junior Member
my client's online calendar was hacked
hi all! i hope i don't sound too much like a noob, i've never had to deal with a hacked web site before.
apparently matt kruse's calendarscript (www.calendarscript.com) has a vulnerability.
i installed calendarscript for my client in march of last year. in april this year, someone uploaded an IRC program called unreal 3.2 to my client's ftp. i don't often update that client's site, so i didn't notice it was there until last week. the folder's permissions were set so i couldn't open or modify the folder beyond renaming it. i renamed the folder and contacted their host about changing the permissions so i could see what was in there. i finally got in to see what was going on and i found the IRC program. this thing must have been a huge bandwidth hog. their log file, which only recorded the past 2 hours or so, was already over 1.5mb. i downloaded the unreal files to see if i could get any useful information out of them. i don't know anything about IRC, so it's basically useless to me.
i did a search on calendarscript's forum to see if anyone else had this problem. turns out someone has written a script that lets you gain access to other peoples' calendarscripts via a sneaky url. last night, my client tried to add an event to the calendar and it wiped everything completely blank. a whole year's worth of data is gone, and the script itself has been rendered useless. it won't even let me import the backup files or update anything. i'm guessing the script kiddie who put the IRC program on there didn't appreciate me deleting their chat channel and took out his/her frustrations on my client's calendar. needless to say, i'm a little irritated!
i'm in the market for a new SECURE calendar script, if anyone has suggestions.
my question is this... is anyone familiar with this unreal program? i would very much like to find out who installed it so i can report them to their isp. i have all their files, but have no idea where to start looking. my client's host's log files are deleted every month, so i can't see what was going on in april. any help would be greatly appreciated.