Embedded content upload hack - website defacement...

See: http://killmalware.com/bergit.no/#
See: https://www.virustotal.com/nl/url/248fab5eb5ca5496bae44769e016e186a13ffa86c48e50937a92654a280da365/analysis/1449181107/ (as always such defacements are not detected by VT).
See: http://quttera.com/detailed_report/bergit.no
index.html
Severity: Malicious
Reason: Detected malicious PHP content
Details: Website Potentially Defaced
Embedded content, images
-http://muslimvillage.com/wp-content/uploads/2011/09/I-am-a-muslim-please-dont-hate-me.jpg (-http://muslimvillage.com/wp-content/uploads/2011/09/I-am-a-muslim-please-dont-hate-me.jpg)
http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fbergit.no&useragent=Fetch+useragent&accept_encoding=

System Details:
Running on: Apache/1.3.39
Outdated Web Server Apache Found: Apache/1.3.39
and here we will find webserver header info proliferation:
Apache/1.3.39 (Unix) PHP/5.2.4 mod_throttle/3.1.2 FrontPage/5.0.2.2635 mod_psoft_traffic/0.2 mod_ssl/2.8.29 OpenSSL/0.9.7a ? OpenSSL/0.9.7a outdated → http://openssl.org/news/secadv/20151203.txt
Where the hack could have been performed: -http://web.osloweb.no/ same webserver talking too loud ???
http://toolbar.netcraft.com/site_report?url=http://web.osloweb.no

polonus (volunteer website security analyst and website error-hunter)