A user has just uploaded a malicious file to my web server. There is nothing wrong with people uploading files, it is an image gallery and that is what they are supposed to do.
This user has uploaded the c99MadShell backdoor script. I very much doubt the user will be able to locate where the script has been uploaded as it gets moved to a folder with a difficult to guess name.
He has uploaded the file mad.php.gif. Since this is an image file extension, it was allowed.
This major problem is that the file is being executed on my server as a PHP file! No .htaccess files have been uploaded from what I can see.
Can anybody identify what the problem may be that has caused this file to be executed this way?
Thanks for the help.