Bernard T wrote:If you would have followed the checklists to the end you would have cleaned the Joomla properly.
Thank you for the help Bernard. I've already:
- Checked my .htaccess file
- Checked my framework.php file
- Checked my application.php files
- Searched for base64 or eval in my code with JAMSS (but it returns a lot of false positive, so maybe I've missed something)
- Used the FPA
- Updated my Joomla to the latest version
- Updated my Joomla Extensions
- I deleted files in temp and cache
The last thing remains to do is to remove all the website files and reinstate them, but I would prefer to not doing that... I've used WinMerge to check differences in the files I supposed to be more vulnerables.
Anyway the link is shown very few times. I delete the cache and it disappears for weeks...
If you see in the FPA a vulnerable extension please let me know.
Thank you very much again.