Another Joomla Exploit that was not stoped.
The logs (See how the attacks masked has a googlebot:
37.238.101.224 - - [21/Feb/2015:04:33:30 +0000] “POST //components/com_jinc/classes/graphics/php-ofc-library/ofc_upload_image.php?name=hat.pHp HTTP/1.1” 404 415 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)”