Our FreePBX server was recently hacked by someone using the callme_page.php exploit. I found the command in the access_log file. This is an older version of FreePBX (2.6) and I can not afford to upgrade at the present time. I am looking for a patch that fixes this security vulnerability so I can reenable the web server.
Can someone point me to a patch file for FreePBX version 2.6 that will correct this issue?
Thank you for any assistance.