CAN A HACKER HIJACK A WEBSITE VIA INJECTING A MALICIOUS SCRIPT INTO A PHP CONTACT FORM?

admin — Thu, 08 Dec 2011 05:01:18 +0000

Question by CharlieN:
Can a hacker hijack a website via injecting a malicious script into a php contact form?
My website was hijacked and I dont know how – it does have a php contact form but it doesn’t hook up to a database so no sql!

——————————————

Answer by Ayame Yamamoto
Short answer, yes. You using wordpress? I known XSS javascript injection is known and usually ends up on people who do not update wordpress. But the same would apply to the form if your not checking for such scripting.

——————————————
What do you think? Answer below!

Adsense Script » form

CAN A HACKER HIJACK A WEBSITE VIA INJECTING A MALICIOUS SCRIPT INTO A PHP CONTACT FORM?