Google advised me that one of my client's sites was hacked today and I found an advertising page was added to the site. This site exists on a Windows plan with other sites in HSphere on win39. I don't think any of the sites have CMS systems or apps installed. A few of the sites have simple ASP classic functionality for includes and contact forms but nothing that should provide vulnerabilities to be able to add a file on the server. I also checked the other sites in the root dir and none appear to have similar hacked files. I've seen a few other threads here about sites being hacked but those seem to have CMS installed and there's nothing that indicates why this happened to my client's site. Is it possible this was hacked from another user's account on the server? Any suggestions on tracking down how the site got hacked? Thanks!