PHPRUNNER 5.0 Build 766 (Old System - we're currently using 5.3)
Did several searches (I'm sure this has been covered before but I couldn't find what I was looking for) - our website was recently compromised by the stormnouc.cx.cc iframe and php 64 code insertion (looks like they got our FTP passwords).
So I'm reviewing security on this whole PHPRUNNER 5.0 site - 755 is the permission set for dbcommon.php in the oldinclude subdirectory which has the database username and password in plain text (as has been noted several times in the forum).
With the directory permission settings as uploaded by PHPRUNNER it's also easy to navigate to the oldinclude directory (also 755) and see a directory listing of all the files.
Just wanted to confirmed that with permissions set to 755 on everything we're OK and safe with these plain text passwords, etc. sitting out there.
Thanks a million! Take Care... Mike.