One of our websites that we manage was defaced. This is due to Jomlaa version 1.5.5 and all Jomlaa previous version 1.5, admin password can be reset by other user.
You can read it here.
It's took us sometime to figure out what happening until Gcert MAMPU alert us the particular bug. We assumed it's just another 3rd party modules given us the problem. haiyaaaa....
Yes. I have my own CMS (Content Management System) called CmsForNerd.