Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › HTML Editor (formerly iRite) › HTML Editor and HTML Injection - site hacked!

HTML Editor and HTML Injection - site hacked!

Thread began 11/17/2009 1:34 pm by sandy170299 | Last modified 11/18/2009 10:27 am by sandy170299 | 9236 views | 15 replies

11/18/2009 7:16 amRay BorduinWebAssist

Could be SQL injection somewhere... What is the URL? I can take a quick look to see if I can find SQL injection holes...

One thing you can do is create a database user with read-only access and make sure that is the one used on the front end so that SQL injection won't be possible for updating the database anyway.

How old is the site? What version of Dreamweaver did you use to build it? Dreamweaver Recordsets used to have SQL injection vulnerabilities, but those have been fixed for a couple of years now.

Given your explanation I think SQL injection is the most likely candidate.

Did this help? Tips are appreciated...

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.