vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   html exploit (https://vborg.vbsupport.ru/showthread.php?t=183845)

Eclyps19 06-29-2008 01:23 AM
html exploit
 
I've got someone posting the following at the end of all of their messages which causes a permission error...

Quote:
<meta http-equiv="refresh" content="0;http://www.cashflick.com/temp/.login.html">
any way to prevent this other than disabling html?

Videx 06-29-2008 01:27 AM
Don't you have a rule against spam? Infract his butt.

But, I think for general security issues, you should have html posting disabled.

Eclyps19 06-29-2008 01:33 AM
oh boy... someone stealing passwords i think... check that link...

http://www.cashflick.com/temp/.login.html

--------------- Added [DATE]1214707352[/DATE] at [TIME]1214707352[/TIME] ---------------

never mind. link is down now...

it was basically a replica of the "log in" part on my website...

well, html is disabled on all forums now (and is staying that way). guess i need to make a news post telling ppl to change passwords... =\

Marco van Herwaarden 06-29-2008 08:38 AM
Quote:
Originally Posted by Eclyps19 (Post 1561678)
I've got someone posting the following at the end of all of their messages which causes a permission error...



any way to prevent this other than disabling html?
If you have HTML enabled, please turn it off immediate. There will be no end to hackig your board if you leave it on.


All times are GMT. The time now is 05:59 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01028 seconds
  • Memory Usage 1,714KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete