I would like to report an attack vector I have had the unpleasantness of encountering. There was a hack on one of the sites. After analysing the logs, it was found that during the attack, an attempt was made to attack the following files:
"POST /modules/bamegamenu/ajax_phpcode.php HTTP/1.1" "GET /modules/cartabandonmentpro/views/js/fileman/php/movefile.php HTTP/1.1" "GET /modules/explorerpro/action.php HTTP/1.1" "GET /modules/cdesigner/views/js/cdesigner.js HTTP/1.1" "GET /modules/jmsslider/views/js/jquery.fractionslider.js HTTP/1.1" "GET /modules/apmarketplace/ajax.php HTTP/1.1"
Modules:
bamegamenu
cartabandonmentpro
explorerpro
cdesigner
jmsslider
apmarketplace vs 1.0
Check/update if you use any of these modules