Cleaning Up a Mass-Mailing Compromise on MODX Evolution 1.0.5

A historical security incident post about malicious mailer uploads inside an old Evo installation.

This is one of the stronger security topics in the old archive. The trigger was serious: a host blocked a MODX Evolution 1.0.5 site because attackers had uploaded a spam-mailing script somewhere under /assets and were using the installation for mass mail abuse.

Why this post matters

it captures a real incident pattern from aging Evo sites
it reminds teams that file-upload surfaces and writable directories are part of the security boundary
it belongs in the archive as a practical security warning, not just a support anecdote

Historical lesson

Old Evolution projects were often compromised through the surrounding file-management and upload layer rather than one dramatic core exploit. That is exactly why posts like this still matter in a historical knowledge base.

Newer post

Using Sphinx Search with MODX Evolution for Better Full-Text Search

A historical performance article about moving beyond AjaxSearch for serious relevance and speed.

Older post

Path Disclosure and Shell Uploads: Why “Not Critical” Still Matters on Old Evo Sites

A practical security reminder about path disclosure, uploaded shells, and layered risk on older hosting setups.