WARNING! PHP-Nuke package to highjack userinfo


Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
Share:
Sponsors:

taken from nukescripts.net ;

After having recieved a report from one of my users that a new PHP-Nuke package seemed to cause him to get spanish spam I opened the package and found that the Your Account module has 3 calls to copy any new user info to another site. The package is called PHP-Nuke 7.8 RC8 OP ES. This is just one case of never using non-trusted sites packages!

Note: Please feel free to copy this article to your own sites

Article submitted by: Some1
Last Update: 08-21-2005
Category: Security

Print | E-mail


Current rating: 5.66 by 50 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.


Related News Stories

(9,455 reads) 07-05-2008
 · Fusion Security
(15,130 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(13,896 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(15,362 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(13,868 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(14,618 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(14,644 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(14,374 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(18,211 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(14,600 reads) 10-01-2006
 · ipBan Modification