In the image below is where I recently found these malicious hyperlinks.

I tried to log into my web-host and I couldn't find any hyperlinks attached to the elements in my files.

enter image description here

My Questions:

  1. How do I avoid these?
  2. How can I remove them?
  3. Despite these hyperlinks, is my website vulnerable to any XSS attacks? If yes, please specify the holes I should fill.

I am using Ajax to send an instant response if the email already exists or not; would this influence the attacker to easily send XMLHttpRequests to the server?

I just want to make my website 100% safe, as in no one would ever get into the database (confidentiality, integrity, and availability), considering I have an SSL certificate over HTTPS. Even if it's only a login-system website without many complicated input stuff.

I heard using SQL stored procedures helps, also HTML encoding.

Please visit the website and take a look over the code: www.tarsh.tk

Any Help/Hints/Tips/Links would be appreciated.

Cindy Meister
Azazeal

1 Answer

The site at www.tarsh.tk does not have any hyperlinks for me; see http://picpaste.com/Screen_Shot_2016-03-20_at_11.29.02_PM-F7OsKLUZ.png.

Maybe it isn't the site and it is your browser. Have you tried a different browser?

I used Chrome 49 and Safari 9, both are rendering the site without hyperlinks.

Philipp
  • Well, I got these hyperlinks now on this page, but I cleared the cache and hosted app and removed unwanted extensions on Chrome and now they are gone. For the second part of my question post concerning more about the security of my website: is there any chance that someone breaks into my database to view it or change it with the use of XSS or injecting SQL statements? And how can I prepare myself and defend it? This is more likely an education and gathering knowledge based question. – Azazeal Mar 21 '16 at 06:40
  • Let me know if I should ask this question separately. Thanks everyone who came to help – Azazeal Mar 21 '16 at 06:50
  • I would ask the question separately because the title does not state the XSS attacks you are concerned about. Additionally, there are a lot of posts regarding XSS attacks on SO, e.g., http://stackoverflow.com/questions/15755323/what-is-cross-site-scripting – Philipp Mar 21 '16 at 06:53