I noticed an unusual activity on my site (e-commerce opencart 2.0.2.0)
This is the command you used
I do not know exactly what it looks like exploiting a php fault and inserting a backdoor I have the code that was injected or not yet I do not know apparently it deleted the text of the server it was on but I made a copy if someone wants to analyze Let me know what I'm saying.
Now my question is how do I know if his attack was successful how to fix the problem?