Tweet
Someone has dropped an iFrame that opens up some nasty websites in my cpadmin footer. Where is the code at so I can fix it?
-
-
We would need more information, as this doesn't really tell us very much.
However, as a minimum, you should download a fresh copy of the files for your version and upload these to the server, making sure you overwrite what's already there.
You then have the issue that someone has gained access to your server to put the malicious files up in the first place.
We have a guide to fixing hacked sites HERE. It's important to follow EVERY step, and in the correct order.
MARK.B
vBulletin Support
------------
My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
My Unofficial vBulletin Cloud Demo: https://www.adminammo.com -
The line is right under this line in the footer code
START CONTROL PANEL FOOTERComment
-
Our IT team has scanned every file in the system for injections. Could it be coming from the database?Comment
-
Also we uploaded a complete fresh version of vB and ran the upgrade to the latest. This should have over written any hard files. It has to be in the database somewhere. It is only in the admincp. What template that is hidden in the database could be screwed up?
Comment
-
The AdminCP doesn't use templates. Plugins are stored in the database. You would have to manually inspect each of them.
AdminCP -> Plugins & Products -> Plugin Manager.Translations provided by Google.
Wayne Luke
The Rabid Badger - a vBulletin Cloud demonstration site.
vBulletin 5 APIComment
-
There was a plugin called vBulletin that had the attached code in it, that I believe was the issue. Please take a peek.Comment
-
Looks like an exploit. Should delete it.Translations provided by Google.
Wayne Luke
The Rabid Badger - a vBulletin Cloud demonstration site.
vBulletin 5 APIComment
-
That is an exploit, zap it immediately.Baby, I was born this wayComment
Comment