Santy Worm - Aims at PHP Sites



pigeonflight
December 28, 2004, 09:36 AM
The newest version of the Santy Worm, Santy.e, is threatening more web sites which use PHP scripting to produce dynamically database generated pages. The Santy Worm first surfaced last week, targeting sites which use the phpBB bulletin board/forum service.

http://www.searchenginejournal.com/index.php?p=1190

It's looking like other PHP-based sites are vulnerable. You will need to be careful about how you use require() and include() statements.

Chris
December 28, 2004, 09:52 AM
Thanks for the heads up ;)

TapDunk
January 1, 2005, 06:10 AM
Well, this is expected, as PHP is the most common web development lang.

CKnight
January 1, 2005, 06:43 PM
For some insight as to how a worm like this could function take a gander at this thread:

http://www.techjamaica.com/forums/showthread.php?t=2153

Use of the 'require()' and 'include()' functions with form variables and query string values can be VERY dangerous.
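
The require()/include() risk raised in the posts above, shown as an added example that is not part of the original thread: the risky pattern appears only as a comment, followed by an allowlist-based replacement. The names `resolve_page`, `PAGES` and the `pages/` directory are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example, not code from the thread. resolve_page(), PAGES and the
// pages/ directory are hypothetical names chosen for illustration.

// Risky pattern the posts warn about: a query-string value picks the file,
// so the requester, not the developer, decides what PHP executes.
//   include($_GET['page'] . '.php');

// Hardened pattern: the request supplies only a lookup key; every file
// path comes from a fixed map that the developer controls.
const PAGES = [
    'home'  => 'home.php',
    'forum' => 'forum.php',
    'about' => 'about.php',
];

function resolve_page($requested, string $baseDir): string
{
    // Reject non-strings (e.g. ?page[]=x) and any key not in the map;
    // fall back to a known-safe default instead of echoing user input.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return $baseDir . '/' . PAGES['home'];
    }
    return $baseDir . '/' . PAGES[$requested];
}

// Constructed sample inputs: one valid key, then values that must never
// reach include()/require() as a path.
$samples = [
    'forum',
    '../../etc/passwd',
    'http://example.invalid/x.txt',
    ['unexpected' => 'array'],
    null,
];

foreach ($samples as $sample) {
    printf(
        "%-34s -> %s\n",
        json_encode($sample, JSON_UNESCAPED_SLASHES),
        resolve_page($sample, __DIR__ . '/pages')
    );
}

// In a page controller the call would look like:
//   require resolve_page($_GET['page'] ?? 'home', __DIR__ . '/pages');
```

Because the user-supplied value is never concatenated into a path, traversal sequences and URLs simply fail the lookup and resolve to the default page.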

owen
January 5, 2005, 08:01 PM
PHP released a statement:
http://www.php.net/security-note.php