Has anyone had their CMS site hacked?

Just happened today. Definitely got in through the CMS. Sorry I have to ask this now at such a bad time but others need to know if this is a huge problem. Hoping it's not. Any thoughts would be helpful.
Thank you

Please add details. What is the url?

I took the site down temporarily. I was just curious if anyone else had issues. It seemed somewhat coincidentally so soon after Ray isn't here to help with things like this. But maybe that's all in my imagination.

If you want to upload again, share URL, I am guessing the experienced peeps on this list can track down issues. There is an amazing list of knowledge here.

Thank you very much Patrice. I'm keeping the site down for the weekend. I made some screenshots of the one page before I started fixing. The last shot is when I was logged into CMS. My first thought was hacker got in through CMS code but now I'm wondering if he got in through database.

If anyone has seen anything like this before (attached) or can lend advice in any way, I am most grateful. Thank you, Laura

I haven't seen this happen before, but the first thing that springs to mind is have you upgraded the site to mySQLi? If you're still using mySQL on php5 or older, it's much more susceptible to hacking. You should be on at least php7.4 but preferably php8 and definitely using mySQLi.

Download the free mySQLi tools, install the latest version of DataBridge 2 and then open any Recordsets, Insert, Update, and Delete Server behaviors on the page and switch them to the MySQLi connection. Once you click OK with a MySQLi connection, then the code is updated to MySQLi.

You can also download a beta version of PowerCMS here which updates to myMSQLi: https://www.webassist.com/PowerCMS.zip - there are further details in this thread: https://www.webassist.com/forums/posts.php?id=45570. It's a couple of years since I upgraded my PowerCMS sites to mySQLi /php7 and I can't remember if I had any issues with it, but if you hit any snags then just add to this post and I'll try to help!

Thank you so much but no - that's not it. I've been up-to-date all along. I think it was the way I had my databases setup. Not very secure. I changed users for each of them now and each user has a generated password. I'm sure hoping that will keep them out of my other databases and CMS.