10-29-2009, 02:02 AM
This could be anything. Odd considering your 644. You probably want someone you trust to have a proper look around the server.
10-29-2009, 02:32 AM
My guesses in decreasing order of probability -
Your admin script allows someone who is not logged in to access the content on your form/form processing pages.
You are including files in your admin script that when browsed to directly don't care about the log in check on your admin pages.
You have an upload function that allowed a script to be uploaded that then allowed a hacker to do anything he wanted to your site.
You are including content based on a GET parameters and allow_url_fopen/allow_url_include permitted raw php code to be included and executed on your server.
SQL injection allowed a hacker to either obtain your admin script password and/or create his own admin account that then permitted access to the content in your scripts.
It would take seeing your code to determine which one(s) of these or any other possible exploits exist.
10-29-2009, 02:57 AM
well none of my scripts include anything from $_GET vars, and my admin doesnt manage any php files... and the logins for the admin are HTACCESS and not stored in a database.... and there are no upload forms outside of the htaccess-protected admin area. so im not sure what is going on.