I have Crawl protect running (no log entries for that date)
I have a hash check running against all Opencart files (none have been modified)
The http log show nothing
Login is restricted by IP
A good range of Online 'Source' exists, containing 'Stuff', placed either by 'regular' Dev's, just trying to make sure, to know, if someone Unauthorized is using their Software, or then, by Those, offering paid OC Extensions and Themes for Free, but hiding their 'own' Gizmos into the Source, to, at least, make some money, later, when it comes to break into such stores, and grabbing, what is available, but not in their own 'Inventory' yet, to keep in business.
Just to give you some Ideas, on such, and how it's been done, sometimes.
Under 'normal' Circumstances, and with VISITOR UPLOADS disabled, it would/could not have been the case...
For Sale: Turnkey URLs with Opencart installed
My latest Opencart LIGHT Testsite: http://www.velomech.ch
Attacker IP Blocks are denied from further access to my Sites!
Just contact me for more Information at: firstname.lastname@example.org
760 FREE OC Extension-Repositories - from OC v.1.5.x up
on the largest Opencart-Mod Github Site: https://github.com/IP-CAM
Another way I have seen something like this done is through extensions that had SQL injection weaknesses. You might notice something in your server logs containing the data added, if it was done by a GET rather than a POST.
https://creadev.org | email@example.com - Opencart Extensions, Integrations, & Development. Made in the USA.
Date added 10/02/2016 00:00
user_id 9999 (wierd??)
Nothing else runs on the account but Opencart (but on the server lots of other things may be running - see below)
as far as the server goes this is a Cloud server running at Tsohost
Users browsing this forum: No registered users and 3 guests