kram66 wrote:x3/panel/filemanager_assets/securimage/securimage.php: zeroscience
I am not quite sure from reading the above how this file is claimed to be hacked. Has anything changed on your website? Has this file been changed? To be honest, I don't think so. For your information:
- I am not sure what you are referring to ": zeroscience". Inside this file, there is a comment: "- Fix XSS vulnerability in example_form.php (discovered by Gjoko Krstic - <gjoko@zeroscience.mk>)". My guess is that your host's virus scanner has somehow evaluated this file as a "threat" (because of the comment/content), although it is not.
- This file (and it's folder /securimage/) are not even used in X3 (they don't display anywhere), and will be removed soon.
- How and when was this file hacked? There are no backdoors to "write to files" of any kind in X3, apart from the PANEL, which requires login of course. Even on login, security in the panel will prevent writing/editing anything else than image files etc (not PHP).
- Even if this file was hacked (which I doubt very much), it would likely be from another application on your website, or even from an old X2 installation. I doubt it is hacked though.
- What date was this file hacked? Likely it has the same file date (view FTP) as the other files in the folder, which means it's not hacked.
Please send me FTP login, and I will diagnose your website to see if anything is compromised. Or at least send me a copy of the securimage.php so I can validate it.
Unless I can confirm that your website has been hacked through X3 (unlikely), I will eventually rename the title of this post from "Hacked", because it is misleading to new and existing users.