Site Hacked - Security Assist
I have built a custom cms for a website with DataAssist and other extensions secured with Security Assist. Yesterday, my site was hacked in the following ways:
1. Hacker uploaded images - I assume via backend insert/update forms.
2. Added text - again i assume using insert/update form.
They could have done a lot more damage, but luckily did not.
All forms are password protected via security assist, so I need to understand how/why this happened.
Could someone from support please open a ticket, at which time I can provide urls and access to my site for you to take a quick look.
I was reading another thread here regarding setting up read-only database users for front end pages, but I really would like someone to look at me site and let me know if the see any holes and if this is sql injection:
showthread.php?t=7587&highlight=hack&page=2
Thanks.
-Dan
Using
Mac OSX
DW CS5
DataAssist 2.0.8
SecurityAssist 1.1.9