| gunjan |
| Beginner |
 |
|
| Joined: Jun 10, 2013 |
| Posts: 1 |
|
|
|
 |
|
 |
|
I have website as ASP.net as Front end and SQL Server 2005 as Back end.
But I am facing a very strange SQL injection on my back end.
Some type of CSS with HTML with spamming site is appending their code to my website database with each table and with each varchar type columns.
For e.g.
</title><style>.acoi{position:absolute;clip:rect(439px,auto,auto,439px);}</style><div class=acoi>Apply here <a href=http://gogopaydayloans.com>payday loans</a></div>
I tried all these things.
I have checked there are no query string parameters are open.
All queries are parameterized in whole website.
My IIS Server log not specifying that which page open for this.
How should I sort out this issue? |
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 289
Members: 0
Total: 289
