I guess I’ll take responsibility as I created the uploader. It was a simple image uploader for us to host images but I never went through with it.
Guess someone discovered it and uploaded a malicious script.
I’ve deleted what I’ve could and going to get our host to clean this up through the shell.
There’s no further access to that folder.
Whoops…
