one of our websites was hacked, the attacker used weakness in the scripting, what he did was added to the address "http://www.xxx.com/details.asp?id=xxx+update+textnews+..." and by this he changed the main page.
My question is why the IPS did not detect it ? isn'this some known form of SQL injection ?
is there some good explanation about these types of attacks and what should be done to further prevent this type of attacks
Thanks a lot