My CPanel/WHM account(two) have been hacked using some Cpanel vulnerability ... I think. To reduce risk of attack I'm maintaining Joomla sites in different account. In one account home directory a dasher.php was placed. While in other LICESNE.php was placed.
I've attached the original access_log which is encrypted with passwd.
The attack has come from IP : 199.115.117.242
You can see that an infection dasher.php was uploaded.
I've changed the login name, server name and the ip address in this log file
Can you please tell me what could be the vulnerability?
I've attached the original access_log which is encrypted with passwd.
The attack has come from IP : 199.115.117.242
You can see that an infection dasher.php was uploaded.
I've changed the login name, server name and the ip address in this log file
Can you please tell me what could be the vulnerability?