PEAK XOOPS - News 
http://www.viruslist.com/en/weblog?discuss=208187897&return=1
A notify system for such worms via FTP has just been implemented in Protector-3.50.
It checks mtime of XOOPS_ROOT_PATH and mtime/inode of XOOPS_ROOT_PATH/index.php
It works like a noisemaker in banks.
Though it cannot protect any manipulation of your site, you can avoid to scattering such worms from your site by the notifying mail.
Of course, the first priority must be "Keeping the client secure from such worm".
And it might be better "Watching sites by each other" than "Watching a site by myself" if we implement an observing system for servers.
Now I've never heard bad side effects about DBLayer-Trapped-Anti-SQL-Injection.
Thus, I've numbered 3.4 for Protector as STABLE version.
And the module name has been changed from "Xoops Protector" into "Protector" after 3.4.x.
During beta testing Protector 2.3.x:
- ImpressCMS 1.1.2
- XoopsCube Legacy 2.1.7
These cores have the feature for DBLayer-Trapping.
I thank these core developpers about it. 
As the acknowledgemet, I've added optimized module_icon for each cores like ImpressCMS 1.2 or XCL2.1
I also thank to Rene Sato telling me information about ImpressCMS 1.2
# I've found a bug in upgrading script in ImpressCMS 1.2 beta.
/upgrade/upd-icms-1.0-to-1.1/settings_salt.php line 46
if ( !isset( $vars['DB_SALT'] ) ) {
require_once ICMS_ROOT_PATH.'/class/icms_Password.php' ;
$icmspass = new icms_Password();
$vars['DB_SALT'] = $icmspass->icms_createSalt();
}
Regards!
Some SPAMs were posted into this site.
"how can I get a newer version?" or "this is useful!"
It looks not a SPAM just a grance.
Judging by access.log, such posts must be made by not machine but human.
sigh...
Then, I'm trying a filter disabling posts from someone registering this site within 60 minutes.
If you are annoyed such a SPAM, try the latest Protector (3.36a).
just copy
filsters_disabled/postcommon_post_register_moratorium.php
into
filsters_enabled/
I met gigamaster yesterday, in Hotel New Otani of Tokyo.
He looks great. a nice guy, indeed.
Because of my poor skills of English conversations, we could not communicate each other enough.
But I feel his passion about "open source".
As gigamaster's posts sound bitter 
, he is misundestood in the community of ImpressCMS or xoops.org.
After the meeting, this is just a problem of missing communications.
"Open source projects" are often developped "on line" only.
But, I convinced "off line meetings" raise them higher stages.
a XSS is found in piCal-0.91h
You'd better to select just ONE of these actions
(1) update piCal into the latest version >= 0.92
- recommend for site owners using piCal as is
(2) overwrite just piCal/index.php in the latest archive
- recommend for site owners using piCal with some hacks
(3) patch piCal/index.php manually
- recommend for experts. it's an easy patch
line 154 in index.php
$xoopsTpl->assign( 'print_link' , "$mod_url/print.php?event_id={$_GET['event_id']}&action=View" ) ;
$xoopsTpl->assign( 'print_link' , "$mod_url/print.php?event_id=".intval($_GET['event_id'])."&action=View" ) ;
If you use Protector and turning "enable anti-XSS (BigUmbrella)" on, don't worry about it. The feature of "anti-XSS" can protect attacks via XSS entirely.
Anyway, you'd better update piCal if you use older piCal.
And I strongly recommend you to turn "enable anti-XSS (BigUmbrella)" on, even if you use piCal.