index page site hacked

hi,

I have not made any changes to files or folders. Not like knowing where you find the bug

i use the acunetix end show Vulnerability description:



Cross Site Scripting (XSS)



/index.php



The GET variable q has been set to %F6"+onmouseover=prompt(443764303152)//.



:confused:

Have you made sure that all of your files have the correct permissions?



Especially make sure that the index.php files are correct.

[quote name=‘argentice’]Have you made sure that all of your files have the correct permissions?



Especially make sure that the index.php files are correct.[/QUOTE]





yes, i sure. I set to 644



ps (I still have version 1.3.5 I have problems with the update)