# Security Assessment & Incident Response

## Critical Vulnerabilities (Potential Causes of File Modification/Loss)

### 1. Insecure File Uploads (Critical - Likely Vector for RCE)
*   **Issue**: `php/api/create_member.php` validates only by file extension, uses `0777` permissions, and lacks content validation.
*   **Likely Impact**: An attacker could have uploaded a PHP web shell disguised as an image. Once uploaded, they could execute commands to modify or delete any file the web server has access to.
*   **Immediate Action**: 
    *   Change directory permissions to `0755`.
    *   Implement strict MIME type validation using `finfo_file`.
    *   Add an `.htaccess` file in all upload directories to disable PHP execution: `php_flag engine off`.

### 2. Broken Access Control (Critical - Unauthorized API Access)
*   **Issue**: Most API endpoints (e.g., `php/api/`) lack authentication checks.
*   **Likely Impact**: If any administrative or maintenance APIs exist (like the `fix_*.php` scripts found in the root), they could be triggered by anyone to modify the database or filesystem.
*   **Immediate Action**: Add `requireLogin()` to all API files and remove all maintenance scripts (`fix_*.php`, `test_*.php`) from the production environment.

### 3. Hardcoded Credentials & Information Disclosure (High)
*   **Issue**: Plaintext database credentials in `php/includes/db.php` and detailed SQL errors in API responses.
*   **Likely Impact**: If an attacker gained partial access, these credentials allowed them full control over the database, potentially leading to data destruction or further lateral movement.
*   **Immediate Action**: Move credentials to an environment-specific config file and disable `display_errors` in production.

## Recommendations for Recovery
1.  **Audit Logs**: Check web server access logs for unusual POST requests to `php/api/create_member.php` or direct access to files in `uploads/members/`.
2.  **Integrity Check**: Compare current files against a known clean backup or Git history to identify all modified/missing files.
3.  **Secret Rotation**: Change the database password immediately, as it was stored in plaintext.
