!!! WARNING !!! PHP-Nuke package to highjack userinfo !!! WARNING !!!
Date: Sunday, August 21 @ 01:21:28 CEST Topic: Security
After having recieved a report from one of my users that a new PHP-Nuke package seemed to cause him to get spanish spam I opened the package and found that the Your Account module has 3 calls to copy any new user info to another site. The package comes from PHP-Nuke 7.8 RC8 OP ES. This is just one case of never using non-trusted sites packages!
|
|