In-Reply-To: <000701c1452f$7f3fc670$8119fea9@supergate> >Systems Affected >all the versions ARE vulnerable >except '5.0 RC1' (i wonder why a released c. is ok while the final 5.2 is >bugged) <snip> >conclusions: >yet another bug of php nuke... this software is used by thousands of >people... (we run something based on it too) i hope that this time the >author will reply soon and will release a patch too! Just FYI, this was patched in PHPNuke 5.3, released way back in November 2001 - perhaps SecurityFocus can update the attack description to reflect this so that people running later versions don't worry unnecessarily? Jessica
