Backdoor access allows an attacker to place any malicious code on the site. A backdoor can be inserted into a valid file as only one short line of code that looks rather innocent. Backdoors can look like normal php code or obfuscated (intentionally obscured to make code ambiguous) and hidden. They allow attackers access to all of the files within the hosting account.
A malicious backdoor is code that allows unauthorized and often unrestricted access to a compromised site.
