If you have any customers running Greymatter, you should be aware of a loophole in gm-comments.cgi that allows a person to run php scripts when they post a comment. Sorry, I am not a programmer, but I believe the hacker would place a phpshell file onto the customer's account, and he would be able to have access to the server. One of servers I'm hosted on got hacked through IRC proxy partly due to this.
I suppose the best way to fix this is to disable gm-comments.cgi from being able to process until you patch all the instances of Greymatter. Or just ban Greymatter altogether... It's still a very popular blogging script, even though the original programmer has stopped working on it for a while now.
