Menu
My site’s database was getting hacked into through the GET variable of a url that I didn’t properly sanitize. I think it’s fixed now. But I checked out the remote folder where I stored some images on that page and there were .php files uploaded into it along with other pictures that I never uploaded.
How does someone upload files through the GET variables of a URL???
And the .php file that was in this folder was about 7,000 lines long and looked like it was sending out mail at the very end.
Any idea on what was happening with this website for the past few days??