cushy cms

[MediaGuy]

Code:

two xara .js files were also compromised, not just the html

This is not good at all. I assume you've done a system scan? Cushy CMS sounds great but I won't give anyone my clients server information outside of my server for just this possible out come.

Good luck.

[slavelle]

Cushy CMS was not involved in this compromise - just to be clear.

I've never used Cushy. There is no reason anyone should have been able to get into that site except for a compromise at the host (godaddy) itself. At least 50 files on two clients sites were changed all within a matter of seconds. This was a bot attack of some sort.

The site in questin here uses a wordpress.org Blog which also has no access to the actual FTP of the web server either - just the databases it uses.

[MediaGuy]

That's good to know that Cushy CMS is solid. I hope everything gets resolved by GoDaddy to your satisfaction quickly.

Cheers