Did anyone see that post in the blog about the "serious security issue"?? I think most people dismissed it because it was by someone new.. I followed the link to his blog and it shows some code he found in /inc/admin.inc.php that is base64 encoded.. he decoded it and it looks like a back door for boonex to insert a user name and password in the admin table!?!
I still have one site using 6.0003 and I checked and the code IS there!!! Anyone care to explain this?
http://english.youshare.jp/blogs.php?action=show_member_post&ownerID=15&blogID=7&post_id=126