Full Version: Wordpress & Vbulletin Sites Hacked
I had 2 different sites with hacked with the same message left on both. One site is a Wordpress Site, the other is VBulletin. I am uploading the current versions, but curious about 2 different apps bing hacked at the same time, on the same server.
If someone got your cpanel login info I would think it is possible to hack anything and especially if you use the same password for both installations and the cpanel logins?
Best is to always use separate login info for everything.
Best is to always use separate login info for everything.
QUOTE(mimmson @ Feb 26 2007, 04:19 AM) 
I had 2 different sites with hacked with the same message left on both. One site is a Wordpress Site, the other is VBulletin. I am uploading the current versions, but curious about 2 different apps bing hacked at the same time, on the same server.
Like TCH-Thomas said - you can hack just about anything if they get your cpanel login info.
As for how, at least as far as WordPress, two ways:
1) Edit data directly in the MySQL database. A pain in the butt and most won't bother.
2) Simply view your wp-config.php to get the database password and then login to WP - many people use the same database password as their WP admin password. As I said, they can edit directly in the database, but it's such a pain most won't try.
Best to use three seperate passwords - one for cpanel, one for wordpress, and one for the database that wordpress accesses.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.