January 8, 2009 12:45am pst

1. ushastry 28,000
2. angelIII 11,100
3. mwvisa1 10,450
4. ionutz2k2 6,000
5. cxr 4,900
6. Sandman... 4,400
7. Ray_Pas... 3,600
8. arnold 2,875
9. fibo 2,750
10. objects 2,500
10. Juan_Bar... 2,500
12. HayesJupe 2,000
12. bluebelldis... 2,000
12. azadisaryev 2,000
12. matthews... 2,000
12. LordOfPo... 2,000
12. jason1178 2,000
18. ryancys 1,600
18. thehagman 1,600
18. BrandonG... 1,600
21. tchamtieh 1,500
21. DanielWilson 1,500
23. PIERCGG 1,400
23. v2Media 1,400
23. jausions 1,400

1. angelIII 2,268,940
2. todd_far... 1,724,617
3. snoyes_jw 765,508
4. Raynard7 704,144
5. ushastry 630,074
6. hernst42 620,899
7. Squeebee 555,077
8. leannonn 502,006
9. hielo 481,986
10. routinet 393,202
11. NovaDeni... 374,559
12. akshah123 328,218
13. virmaior 324,848
14. psadac 324,195
15. AdrianSRU 321,878
16. yodercm 317,867
17. mankowitz 304,286
18. fibo 293,857
19. ee_rlee 219,254
20. teraplane 193,956
21. ldbkutty 184,558
22. racek 181,131
23. glcummins 180,665
24. gamebits 179,036
25. steelseth12 177,995

04.19.2008 at 05:43PM PDT, ID: 23337211

	[x] Attachment Details

SQL Injection Hack and fix - www.nihaorr1.com/1.js

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

5.8

Zones:

MySQL Server, Networking Security Vulnerabilities

The script -www.nihaorr1.com/1.js is getting inserted into every record of my organizations SQL db. I'm the accidental techie in my office, and I'm clueless as to the vulnerability in our code. After a restore, the site gets hit every other day. I've searched around and no one seems to have an answer to this specific problem. There's no doubt in my mind that our coding has a loophole in it somewhere, but I'm not sure what to look for.

I'd appreciate any help!

Thanks,
lou

#	Title
1	sql injection, quotes and cfqueryparam
2	Dynamic SQL / Stored Procedure and…
3	Possible Injection <xss>alert('XSS…
4	Determine the source of, and PLUG /…
5	SQL injection
6	banner82 sql injection