I'm using XPSP2 with phpbb2.0.19.
Today I was notified of a new user, which I thought was a spamer/hacker type. So I went to delete the user, and when I clicked on Submit a pop up came up asking me if I want to change the password for my user account.
I clicked no and it removed the spam/hacker user, but I'm not sure what else may have happened.
So if anyone has any ideas please let me know.
EDIT 26 March
"I didn't mod the phpbb forum as I was waiting to see if it would happen again. Today i have a new hacker, and what they have done is :
When I go to delete their account, not having activated it automatically, they have their user name altered to mine 'roger' , their email address, with what looks like my password, (by the number of characters). This fits in with the pop-up I get asking me if I want to change my user password as mentioned before.
Seems like they are trying to access my admin account by getting my password emailed to them.
Here's an image of the admin page
See last post, as this doesn't seem to be a hack attempt, but a bug shown-up by a spammer
END EDIT 26 march
An image of the popup can be seen at http://rogerlovejoy.info/phpbb/images/popup1.png