Home Forums General Issues Bug or not in acf.php Reply To: Bug or not in acf.php

  • On this website :

    When i look for “fuckyou4321”, i found :

    Parameter: POST.fuckyou4321
    Data: echo (123454320+1);exit();
    Impact: 7/91
    Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion

    If i take my last backup, the 18th december 2017 (i’m going to restore, i don’t know if a backdoor is added), i don’t find the line with $_POST[‘dd’], and my infected version on dropbox is from 18th january 2017 (oldest)

    The oldest log for apache in /var/log/apache2, is from the 25th february, so it’s impossible to check the request with GET parameter… 🙁

    So it’s a hack of my website