A security issue was found in all versions of PHP, including 3.x and 4.x versions.
If you are running PHP on your server (i'm sure you all here are
), either upgrade your php or install the patch found at php.net
If you can't upgrade your php, because your site is hosted by an ISP, tell them to do so as soon as possible.
This is NOT a security hole of XOOPS. It doesn't matter which php script you use on your server, since this is a problem in PHP itself.
-- Update --
By BoobToob, Thursday Feb. 28th, 2002
Please read the full text of this artile. I posted the submission from Security Focus
that gets very specific about what versions of PHP are affected and how to plug your current holes. I'm sending this to my ISP as we speak.