Hello

We have an hotspot pro install working fine but since a couple of days some people try to hack it by directly adding parameters/words to the main hotspots page.
This provokes an sql error for now but we would like to fix it before it could give access to something else ?
To explain, the main map is at https://activ-ha.com/c/ and any correct address would be https://activ-ha.com/c/#something.
however attackers try to access https://activ-ha.com/c/somethingelse which gives a 1064 sql error :
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') AND type_alias = 'com_hotspots.hotspot'' at line 3

Can you let me know how to solve this ?

Thanks
Jean