WARNING!!!!!! PHP-Nuke package to highjack userinfo Date: Sunday, August 21, 2005 @ 2:00 AM CDT Topic: Security Advisory After having recieved a report from one of my users that a new PHP-Nuke package seemed to cause him to get spanish spam I opened the package and found that the Your Account module has 3 calls to copy any new user info to another site. The package comes from PHP-Nuke 7.8 RC8 OP ES. This is just one case of never using non-trusted sites packages! All articles relating to the different variants of this package have been deleted from every site i manage, newly submitted ones will not be posted. This article comes from Nuke Resources http://www.nukeresources.com The URL for this story is: http://www.nukeresources.com/modules.php?name=News&file=article&sid=1222