Hi,
Your site is definitely infected. The strange thing is different
pages contain different sets of malcious scripts.
http://www.UnmaskParasites.com/security-report/?page=www.shangrilaarts.com/meena.html
http://www.UnmaskParasites.com/security-report/?page=www.shangrilaarts.com/LeadershipHouston.php
http://www.UnmaskParasites.com/security-report/?page=www.shangrilaarts.com/events.php
note all those scripts from .ru domains.
And it's not php pages only (or is that meena.html is also a php
script behind the scene?)
The home page also contains an obfuscated script that starts with
"function vtYbybaVxyY(vbybYtydVYa){..."
Your site looks like a hackers' playground.
I can only suggest that you check your files one by one and remove
the malicious code. Also look for suspicious files on your web server
and remove everything that doesn't belong there.
Then make sure only you can write to any files and create
directories on your server.
Regarding PHP programming. The major rule is never trust user input.
In order to avoid SQL injection and XSS attacks you should properly
sanitize form data and URL parameters.
You can start by reading the following Wikipedia articles:
http://en.wikipedia.org/wiki/SQL_injection and
http://en.wikipedia.org/wiki/Cross-site_scripting
Denis
http://www.UnmaskParasites.com
--~--~---------~--~----~------------~-------~--~----~
You received this message through the Google Groups "stopbadware" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/stopbadware?hl=en
-~----------~----~----~----~------~----~------~--~---
