I made a bad mistake with the apache configuration for a phpmyadmin on a server of mine and i was attacked by this sql injection attack: http://www.hackerscenter.com/index.p...ction-RCE.html
So somebody hacked my phpmyadmin install recently and now I am trying to decide what needs to be done to clean it up. The server does not host valuable websites itself but does contain valuable data and code. Once I realized I had been hacked, I took phpmyadmin out of apache and then did a complete purge of the package and all its configuration files. Then I reinstalled it. phpmyadmin seems to be fixed (including the bonehead error on the apache2 config), but I am concerned what else an attacker might have does while it was hacked. It was several days before I realized the trouble.
If it was just a vandalism thing and purging/reinstalling phpmyadmin fixes it, then I'll let it go. But I don't know enough to say that.
Bookmarks