Our site was attacked using vulnerability in
Relevant to all Merge 3.x - 3.42 (we will have relase soon
where printsource.pl will be fixed).
printsource.pl is installed on *nix in
You usualy don't need printsource.pl in production
enviroment (well you don't need the private directory).
The file is used by Merge development mode "Toolkit".
see attached patch.
You must apply patch if your server is exposed
and you need the privte directory on your server.