Hi Puffin,
Sorry I should have mentioned better.
Basically earlier versions of ajax-search had an exploit which were patched in later versions of MODx however some of the old ajax-search files were called
(1) ajax-search.php, ajax.php (old versions)
The new versions of AJax-Search had different file names so basically when users upgrade MODx these (1) files never got removed.
If anyone uses Ajax-Search just delete your existing assets/snippets/ajaxsearch folder then download the latest ajaxsearch 1.90
http://modxcms.com/extras/package/?package=8
And install this as it’s fully patched and comes with the latest version of MODx deleting the old folder first just ensures you are not carry across any of the old files on your new version install.
Aaron