SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. backdoor-phppreg_replaceeval


Description: We detected a malicious code hidden under a preg_replace with the "e" switch that acts as an eval call (code execution). It is often used to bypass simple detection methods that only look for "eval(" call itself.

Use: Hide spam, malware and backdoors.

Affecting: Any web site (often through outdated WordPress, Joomla, vBulletin, osCommerce and stolen passwords).

Clean up: You can also sign up with us and let our team remove the malware for you.

Malware dump: