We have some problems with spam user registrations in our OJS 2.x. (we are planning to upgrade to 3.x with captcha shortly)
Some of the unwanted users has managed to upload files to this folder:
“/public/site/images/”.
Is that an indication that our system has been compromised or can any user upload images to subfolders there?
Grateful for any comments…
Best regards,
Anders