Re: PHP-Nuke Avatar Code injection vulnerability

last "}" paste this.. } else { echo "delusion ownz j00"; } make sure u keep all the {}'s in their correct places, dont remove any. and of course you can change the message to whatever you want ;) Have fun, -delusion http://www.digital-delusions.com ----- Original Mess

PHP-Nuke Avatar Code injection vulnerability

--- Affected Versions: PHP Nuke versionh 6.0 and below Unaffected version: PHP Nuke 6.5 Impact: --- Allows any user to inject their own HTML or Java code instead of an avatar image. This can lead to very annoying for