I had a ubuntu/apache system hosting dolibarr v15. systemctl status apache2 showed a curl command calling code in an external IP that should not be there. How could a hacker have planted that command into my system?
I have created a new v21 system environment and imported an sql dump of the old v15 system into it. I then dropped quite a few tables out of the database because I wasnt sure they were not compromised.
Now I navigate to /install hoping to do an upgrade. However it only offers me a fresh install. I think I must have dropped a table it must have needed to recognise the existing as a v15 database.
I have followed the advise of ChatGPT ! 
in recreating a few blank tables like llx_const and llx_rights_def it said I needed.
Of course I could import entirely the full v15 database but I’m a bit scared of bringing in something compromised.
Any advise much appreciated.
