Hello Raskolt,
That message seems to say that the site can be hacked and NOT that is have been hacked.
There has been many security holes plugged since that version. Your current version needs to
be upgraded.
--------------------------------------------
The 3 first things to do when/if you find a remote file inclusion:
1) Scan all folders for newly created files by checking the file timestamps.
2) Make sure no Manager/Web Users has been added
3) Change passwords (MODX, MySQL, FTP etc.)
IMHO: Best protection is a backup offline on a local webserver. Then if a site gets compromised:
1) Download the latest assets (pics, pdfs etc) and make sure they are legit.
2) Secure the site patch/ upgrade
3) Wipe everything on the server and replace with the fixed/up2date backup.
4) Change passwords (MODX, MySQL, FTP etc.)
Read more
https://forums.modx.com/thread/91891/is-it-a-hack?page=2#dis-post-502182
http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/#injection