some kid hacked the coppermine using a script simular to the "nst.php" uploaded it, got into the sever, and simply uplaoded the phish script. pretty easy to do actually, and a simple google search for "[subject],powered by coppermine" will give a extended list of possible targets for the exploiter to attack.
Paul Laudanski wrote:
I got sent a Chase phish email tonight and in checking it out it appears to be live on a Coppermine gallery installation. Is this a new exploit of Coppermine, or just this site hasn't been yet patched?A photo of the phish site with the URL (domain blacked out): http://castlecops.com/p728141-Mar_10_Phish_Alerts.html#728141