Downloads & Web Links vulnerability Patch Date: Thursday, October 09 @ 18:41:22 PDT Topic: Bugs Recently a sql injection vulnerability has been reported that relates to the Downloads and Web Links modules where an admin account can be created by passing a sql line through the $cid variable, i have patched both modules not only to block this code to be passed through the $cid variable but on all similar variables as well, patch your websites. Download here This article comes from PHP-Nuke Support http://www.phpnuke-uk.net The URL for this story is: http://www.phpnuke-uk.net/modules.php?name=News&file=article&sid=128