https://www.webmaster-forums.net/crss/node/1017701 en https://www.webmaster-forums.net/server-side-scripting/alert-php-flaw-leaves-sites-vulnerable#comment-1103492 <p>The main vulnerbility was with file uploads through PHP. Of course, file uploads in my opinion are never a good thing unless they are in an admin area. Their is a possible vulnerbility that exists through Vbulletin with file uploads. This site is fairly safe since the only file upload granted to the public is avatars.</p> <p><a href="http://www.vbulletin.com/forum/showthread.php?s=&amp;threadid=40711" class="bb-url">Here</a> is Vbulletin's announcement on the subject.<br /> <a href="http://security.e-matters.de/advisories/012002.html" class="bb-url">Here</a> is more info.</p> Thu, 28 Feb 2002 12:49:05 +0000 mairving comment 1103492 at https://www.webmaster-forums.net