TCH-Dick Posted November 19, 2004 Posted November 19, 2004 Just wanted to give a heads up to users of PHPNuke. There is an easily exploitable hole in the webmail module in PHPNuke that allows a spammer to send UCE (unsolicited commercial e-mail) AKA SPAM through a compromised PHPNuke site. We have suspended SEVERAL sites due to this exploit, and will continue to do so if we are made aware of any other exploited sites sending SPAM. The easiest way to fix this is to delete the webmail module from the modules folder. You also might want to look at your members. Usernames used have been lottocoordinator, programcoordinator, goldenlotto and like names. The person is using Yahoo and Yahoo.Co.Uk e-mail addresses to setup the accounts and then once verified logs into your system and begins sending hundreds of messages.
Recommended Posts