Another hole in phpnuke portal systems
Date: Thursday, September 16, 2004 @ 9:45 AM CDT
Topic: Security Advisory


There is a new dangerous hole in the phpnuke portal system (7.4 and older versions). In this case the hacker first deletes the existing admins using a very simple HTML form. Because the system then has no admin, he can create the first super admin, access the site's admin panel, change or delete site contents, and so on.
Please update your site using the latest security patch by Chatserv, or rename your admin.php for a quick fix. More information at:
Iranportals.com
Iranportals.net

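If your server allows .htaccess files, limit access to your admin.php file by adding
your IP, and maybe those of your other admins, to the .htaccess file in the following
manner:
<Files "admin.php">
# Deny is evaluated first, then Allow, so the listed IPs override "Deny from all"
Order deny,allow
Deny from all
# Replace the placeholders with your own IP and those of your other admins
Allow from your_ip
Allow from 2nd_ip
Allow from 3rd_ip
</Files>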
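
Why the Order line decides whether an allowlist like this works, as an added example that is not part of the original advisory: a simplified Python model of Apache 2.2 Order/Allow/Deny evaluation. It handles only `all`, single IPs and CIDR ranges, and the sample addresses are constructed.

```python
import ipaddress

def _matches(specs, client):
    """True if client matches any spec: 'all', a single IP, or a CIDR range."""
    addr = ipaddress.ip_address(client)
    for spec in specs:
        if spec.lower() == "all":
            return True
        if addr in ipaddress.ip_network(spec, strict=False):
            return True
    return False

def access_permitted(order, allow, deny, client):
    """Simplified model of Apache 2.2 Order/Allow/Deny evaluation."""
    allowed = _matches(allow, client)
    denied = _matches(deny, client)
    order = order.replace(" ", "").lower()
    if order == "allow,deny":
        # Allow is checked first, Deny second: any Deny match wins,
        # and a client matching nothing is rejected.
        return allowed and not denied
    if order == "deny,allow":
        # Deny is checked first, Allow second: any Allow match wins,
        # and a client matching nothing is let through.
        return allowed or not denied
    raise ValueError("unsupported Order value: %r" % order)

# Constructed sample addresses (documentation ranges), not real admin IPs.
ADMIN_IPS = ["203.0.113.10", "198.51.100.0/28"]
ADMIN = "203.0.113.10"
OUTSIDER = "192.0.2.77"

def check_admin_php_rules():
    """Evaluate 'Deny from all' plus the admin allowlist under both orders."""
    results = {}
    for order in ("allow,deny", "deny,allow"):
        results[order] = {
            "admin": access_permitted(order, ADMIN_IPS, ["all"], ADMIN),
            "outsider": access_permitted(order, ADMIN_IPS, ["all"], OUTSIDER),
        }
    return results

if __name__ == "__main__":
    for order, outcome in check_admin_php_rules().items():
        print("Order %-10s admin=%s outsider=%s"
              % (order, outcome["admin"], outcome["outsider"]))
```

Apache 2.4 expresses the same allowlist with `Require ip` unless mod_access_compat is loaded.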



This article comes from Nuke Resources
http://www.nukeresources.com

The URL for this story is:
http://www.nukeresources.com/modules.php?name=News&file=article&sid=823