Hello,
Our word and pdf documents get spamed when we open them:
Example:
==============
<div style="position:absolute;left:-57435px;top:-97270px"><a href='h/moodle/course/enrol.php/?cvse=0'>bakersfield california homes for sale</a> <a href='/moodle/course/enrol.php/?cvse=1'>public relations jobs california</a>
===============
If we open any document after downloading through ftp they are working as suposed so it lead us to sql or hacked files.
Anyone with similar issues?
Regards,
That spam comes from config.php, index.php and other hacked php files of your site - not from database.
Time to upgrade your whole site (at least clean spam code from config.php and upgrade all files of your moodle package) - and read http://docs.moodle.org/en/Security_overview