PHP-Nuke is a popular Web content management system based on PHP and various databases. Once upon a time it was an open-source platform, but is now commercial software. Nonetheless, it is still very popular and its main website provides handy resources for those who use it.
According to Websense researchers, the phpnuke.org website has been compromised and has been serving several exploits:
By using iFrame-redirection in order to hijack the user’ browsers, running them through a series of sites and finally land them on a malicious page, the authors of this compromise have been trying to exploit two documented vulnerabilities in Internet Explorer and one in Adobe Reader.
The first two exploits attempt to download a Trojan which, when executed, makes the computer attempt to visit a string of malicious websites and probably download more malware.
The last one is a PDF exploit that actually combines three exploits.