GEN:SID 1:2286
Message WEB-PHP friends.php access
Summary This event is generated when an attempt is made to exploit a known
vulnerability in a PHP web application running on a server.
Impact Unauthorized electronic mail relaying.
Detailed Information This event is generated when an attempt is made to access the script
friends.php included in the PHP application vbPortal. This may indicate
an attempt to use the server as an email relay.
Affected Systems All systems running the PHP application vbPortal
Attack Scenarios The attacker could access the friends.php script directly to send spam
email to thousands of recipients using the server as a relay.
Ease of Attack Simple. Exploits exist.
Corrective Action Ensure the system is using an up to date version of the software and has
had all vendor supplied patches applied.
Additional References  
Rule References bugtraq: 9088