A client of ours has a PHP Nuke website and he wants to install phpBB but the module he has is based on phpBB version 1.2. Is it safe to install this? When I Google to "phpBB 1.2 vulnerabilities" there are a lot of results. Is it possible to secure it when you disable some features like avatars (I read something about malicious avatar uploads), if you disable HTML in posts and sigs, etc.? Or is it just too dangerous? My customer doesn't need anything fancy, just a basic forum but of course it would be nice if he could just install that module since he already has it. Basically what I need is someone to secure my forum but... it has to be bullet-proof and really secure. In a PMB please let me know what you suggest and I will select a bid based on that.