20
OK. Thanks for that. What can the hacker do with "all my server information"?
Since I found these first 2 files, I have found a stack of similar files throughout my site.
It seems that EVERY directory in my XOOPS site that has permissions set to 777.
I have deleted as many as I can, but there are even some of these files that now say that I don't have permission to delete.... I have contacted my host to try to remedy that.
I suggest that you all have a look in your directories to see if you have some php files there that shouldn't be.
The 3 directories along with their subdirectories are:
cache
templates_c
uploads
I would also suggest that you protect these directories by placing a .htaccess file in each of these directories with
Deny from all