View Profile
View Forum Posts
View Blog Entries
Visit Homepage
View Articles
testing issue reported in bug tracker
on my un-reverted forumhome template the redirection was succesful..
Lamers are attacking to the forums who has *** MOD. This mod enables html even you close html off on your forum and they are redirecting forums to else where
Here what they use
They have attacking since this morning">"">>>><meta http-equiv="Refresh" content="0;url=http://www.kaktusum.com"> """" >
">"">>>><meta http-equiv="Refresh" content="0;url=http://www.intikam.us/hck"> """" >
A "TopXstats plugin" bug..
This is not html permission problem.Also organik81 explain that.
Cheers
Well absolutely I just did not wanted to give the name of the plugin. This bug is common with other BB boards. I also run another BB board which also has Top "X" stats which has the same problem
Last edited by lapsetur; Sat 2nd Sep '06 at 11:20am.
yes, topxstats bug.
Thread title;
Admincp >>> Stil & Templates >>> Edit templates >>> topXstats_thread_bitPHP Code:">"">>>><meta http-equiv="Refresh" content="0;url=http://goingadress.com"> """" >
all replace;
PHP Code:<tr>
<td nowrap="nowrap"><div class="smallfont"><strong><if condition="$getstats_thread[newpost]">$newpostprefix<else />$oldpostprefix</if> <a href="showthread.php?$session[sessionurl]goto=newpost&t=$getstats_thread[threadid]">$getstats_thread[titletrimmed]</a></stong></div></td>
<if condition="$getstats_thread[isdeleted]">
<td colspan=3" align="left" nowrap="nowrap"><div class="smallfont"><phrase 1="member.php?$session[sessionurl]u=$getstats_thread[del_userid]" 2="$getstats_thread[del_username]">$vbphrase[thread_deleted_by_x]</phrase></div></td>
<else />
<td nowrap="nowrap"><div class="smallfont"><a href="member.php?$session[sessionurl]u=$getstats_thread[userid]">$getstats_thread[musername]</a></div></td>
<td align="right" nowrap="nowrap"><div class="smallfont">$getstats_thread[views]</div></td>
<td align="right" nowrap="nowrap"><div class="smallfont">$getstats_thread[replycount]</div></td>
</if>
</tr>
Link: http://www.forumena.com/forum/showthread.php?t=7313
Is this a permanent solution ?
Yes.Originally Posted by lapsetur
And temporary solution
Admincp >>> vbulletin Options >>> censorchips Options
One method there But i am not very good speak english.PHP Code:">"">>>><meta
Before finding out I have already done that
Wont this exploit meta refresh work in vB3.6.0 as I use it and have no addons or extras installed?
Kind Regards, kuyenmotdivadWebmaster & Forum Administrator - http://chatfreaks.net
If you don't have the plugin installed there is no problem for you
Elİnİze SaĞlik GÜzel Bİ AÇik
I tested it ...
This is just working on 3.6.0 and if topXstats installed...
But I don't knoe how I can secure my forum
DJ Pisagor I will test your code..
I hope it will be useful
It is not safe
Because there is another code
Code:">"">>>><script>location="<A href=http://www.google.com</script"> """" >
Posting Permissions
Reply With Quote
Bookmarks