IMPORTANT!
Quote from Invision Power Board:
Download the security vunerability fix from http://forums.invisionpower.com/index.php?...=ST&f=1&t=51540It has come to our attention that there is a security vunerability with all versions of Invision Power Board *if* your PHP installation has register_globals set to "on" (again).
The fix is very simple. Just download the attached zip package, unzip and upload the contents (ad_member.php) to your live Invision Power Board installation (ipb/sources/Admin/).
The download distribution has been updated but the version number has not been incremented to protect slow upgraders.
My thanks to those who brought this problem to my attention before releasing the information to "help" sites such as bugtraq.
NOTE:You will need to upgrade to Invision Board 1.1.1 before you download the fix.