The Dutch online IT magazine webwereld.nl reports that hosting providers such as Digitalus and D-hosting are increasingly being confronted with all sorts of problems caused by security vulnerabilities in the content management systems used by their clients.

Joomla, Drupal and Mambo are the three cms's mentioned in the article as the main culprits (or at least, the users of these systems not updating their software). The hosting providers were able to solve part of the issues by changing some PHP settings, but also continuously urge their customers to apply security updates as soon as they become available.

Luckily, the update module, which notifies the user as soon as there's a new version available of a module that is currently in use, will ship with Drupal 6. Hopefully this will ease the pain a bit.

On the other hand, the GPL states that anyone is free to modify or extend the software to their liking, so security issues will always exist and are often beyond the control of the software community itself.

On a side note, the article mentions that 10% to 20% of D-hosting's clients use Joomla. No statistics were given for Drupal though.