Hey all, very recently we received a notification from our WHM that there were two file paths to ipb_converge.php files that were flagged as malware utilizing SQL injection. Taking a look at both of these files, they are both identical, and all lines of code seem to be very well documented. They also have not been touched or modified since 2012, so we're wondering if they're in the right place or even necessary. It also seems odd that one of them resides within a css folder structure.
Happy to provide any additional information, just seems odd that they're being flagged just now.
Paths to files, just to know if they are actually in the proper place:
public_html/forum/public/min/ipb_converge.php
public_html/forum/public/style_css/ipb_converge.php