PostNuke Open Source CMS Attacked
ValourX writes "This morning the developers of the free software content management system PostNuke posted a security announcement saying that a vulnerability in the paFileDB download management software allowed an attacker to put up a hacked version of PostNuke for download. That version was live on the PostNuke download site between Sunday at 23:50 GMT and Tuesday at 8:30 GMT. Proprietary software zealots are always saying that open source programs are likely to contain backdoors, but is this situation truly what they mean when they say that? NewsForge (part of OSTG) has the story."
Infamous, you mean?
PHP-Nuke is just that - infamous for being horribly insecure, because a) the main developer is fairly amateur (by his own admission I recall) and b) PHP encourages insecure coding practices.
PHP is seriously one of the worst languages in wide use today.