WARNING! PHP-Nuke package to highjack userinfo


Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
Share:
Sponsors:

taken from nukescripts.net ;

After having recieved a report from one of my users that a new PHP-Nuke package seemed to cause him to get spanish spam I opened the package and found that the Your Account module has 3 calls to copy any new user info to another site. The package is called PHP-Nuke 7.8 RC8 OP ES. This is just one case of never using non-trusted sites packages!

Note: Please feel free to copy this article to your own sites

Article submitted by: Some1
Last Update: 08-21-2005
Category: Security

Print | E-mail


Current rating: 5.66 by 50 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.


Related News Stories

(9,159 reads) 07-05-2008
 · Fusion Security
(14,842 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(13,616 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(15,058 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(13,554 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(14,340 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(14,382 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(14,102 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(17,953 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(14,332 reads) 10-01-2006
 · ipBan Modification