How do I stop an attacker from maliciously updating one of my database tables (Hacked by Mr.Henk404)? I don't see any indication they hacked my username/password yet they were able to access a table and change the textArea display message.
If the password protected administration page(s) aren't accessible, how do the hacker's get in?