Welcome the Technical Support section. Help us in assisting you by providing us with a concise and descriptive elaboration of your issues. Be specific and if possible, provide us with a step-by-step instruction in replicating your problem.
My site was hacked like another user on here. I found x.php hacked my Hmei7
one file in root folder and one in images
I deleted both files, and applied patches but the next day someone registered and it crashed my Jomsocial frontpage I suppose that was another hacker.
I deleted user and jomsocial frontpage came back.
updated to latest Jomsocial
and applied admin tools
My question is I applied the latest jomsocial do I still need to apply the patch or is it included in the latest download.
I think The vulnerability is located in the 'photos' controller, 'ajaxUploadAvatar' task.