I would make a copy of the application-code and the database as it is running right now. Take the site offline and setup one of your latest backups. Then make a diff on the version you deployed (in case you do not have that consider using a VCS next time) and the code you just saved from your webserver, so you can see what has been modified and analyze the consequences. Besides that I would suggest that you inform your hoster about the possible attack and ask them to investigate it or, in case you are running non-hosted, patch your production system.
regards, Jens -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
