vb.org Archive - Attention Everyone

Page 1 of 2

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)

- - Attention Everyone (https://vborg.vbsupport.ru/showthread.php?t=73139)

Gio~Logist

12-20-2004 11:10 PM

Attention Everyone

i dont know if it has come to anyone's attention but i have been trying to hack my own site and mess with it myself to see if there are any security wholes on vb that i can fix to protect myself, im here trying all this high tech stuff when i notice that a simple little code in your signature can make the site redirectt wherever you post

<head>

<META HTTP-EQUIV="refresh" content="2;URL=http://www.************.com">

</head>

inserting that in your signature when html sigs are available will make the site redirect

now that i know how to DO it, is there any way to STOP PEOPLE FROM DOING IT!!?!?!?

cinq	12-20-2004 11:31 PM

disable html ?

Caiman

12-20-2004 11:32 PM

Quote:

Originally Posted by cinq

disable html ?

Quite, I didn't know ANYONE still allowed HTML in signatures :rolleyes:

Gio~Logist

12-20-2004 11:58 PM

yes i did that but now i dont feel like going and making a vb code for all these different codes that members like to use in profiles like drop downs and all of that

and half of the rapboards allot html in their sigs, which is dum cuz rapboards are the boards that get haked the most

filburt1

12-21-2004 12:27 AM

Quote:

Originally Posted by gio~logist

and half of the rapboards allot html in their sigs, which is dum cuz rapboards are the boards that get haked the most

Put 2-and-2 together. There's a reason the only bolded part in a description in vB's admin CP is to keep HTML off.

Gio~Logist

12-21-2004 12:39 AM

Indeed, my site is safe, this is not about my site. Its for other sites so i can tell them a way to be secure without having to disable html

If there is a way.....

Reeve of shinra

12-21-2004 12:46 AM

bbcode ?!?

Gio~Logist

12-21-2004 01:33 AM

Quote:

Originally Posted by Reeve of shinra

bbcode ?!?

what?

Dean C

12-21-2004 10:42 AM

It clearly says in the admincp that HTML should be turned on with moderation as it's a security risk., as in you should keep a close-eye on who uses it.

deathemperor

12-21-2004 11:59 AM

Quote:

Originally Posted by Reeve of shinra

bbcode ?!?

he meant you can try replacing html code with bbcode. that's the only way.

All times are GMT. The time now is 10:52 PM.

Page 1 of 2

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01046 seconds Memory Usage 1,726KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (4)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: