1
This is just a notice to all users that besides actually reading the README files included with most apps and modules you need to protect any install and upgrade directories and files.
Usually you want to remove/delete any install or upgrade files after finishing your admin tasks. There is no garanty that those scripts won't cause major grief if run again by the crackers.
At least once per day I get attempts on my sites trying to run install and upgrade scripts (besides the usual crack attempts). Sometimes they point at modules I actually have and sometimes at modules I don't. Clearly the cracker vandals are XOOPS savy and trolling this site for victims. Sometimes they come in via links from xoops.org, directly, and from a google search for specific or generic XOOPS sites (they look for XOOPS sites, not your content).
So head's up, mind your admin tasks and cleanup after any installs and maintenance. It is also wise to setup robots.txt to prevent search engine indexing of modules that have no value being in the search indexes, but that is another topic.