It has come to our attention that your 'du886.com' hosting account is running an anonymous upload script. This has allowed an attacker to upload malicious content to your account. At this time, we have removed the malicious content and have disabled the vulnerable upload directory.

To prevent further attacks, you will need to filter the type of files that can be uploaded. For example, if you only intend to receive images via this script, limit the uploads to only .jpg, .gif, .bmp, etc. We also recommend that you enable a CAPTCHA to prevent automatic programs from taking advantage of this script. Please do not re-able your scripts until these actions have been completed. We appreciate your cooperation in this matter.

Please let us know if we can be of further assistance.

Regards,

Advanced Hosting Support

我检查过附件上传记录，没有什么可疑的啊

对方已经帮你把它删除了。以后你可以通过过滤文件后缀来防止此类事件的发生。

引用:

It has come to our attention that your 'du886.com' hosting account is running an anonymous upload script.

你的 'du886.com' 帐户正在运行一个允许匿名上传的脚本。这个是不安全的。