Porn Links on our site

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • white_2kgt
    Senior Member
    • Oct 2003
    • 108

    Porn Links on our site

    This just happened today. Someone post profanity (which is allowed) then in a few minutes some of the words change to links to porn sites.



    Earlier when that post was made no words were underlined, then one of them was now two of the words are underlined. Does anyone know what the problem is??? DO NOT CLICK ON THE LINKS UNLESS YOU WANT 1,000 POPUPS OF ADULT RELATED IMAGES.

    please help!!!

    -c
  • Steve Machol
    Former Customer Support Manager
    • Jul 2000
    • 154488

    #2
    Do you allow HTML in your posts? If so, disable this.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment

    • Jimmy Kane
      Senior Member
      • Dec 2003
      • 311
      • 3.0.7

      #3
      Originally posted by Steve Machol
      Do you allow HTML in your posts? If so, disable this.
      vB code is On
      Smilies are On
      [IMG] code is On
      HTML code is Off

      maybe someone set up a replacement so that those words got converted into a link?

      Comment

      • Steve Machol
        Former Customer Support Manager
        • Jul 2000
        • 154488

        #4
        Have you installed any hacks (including portals) or added any code to the headinclude, header or phpinclude templates? If not, fill out a support ticket at:



        Be sure to include the login info to your Admin CP, phpMyAdmin and FTP. If you have installed hacks or added code, then remove the hacks first then check and see if you still have this problem. If so, leave the default vB files in place and fill out the support request.
        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography


        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


        Comment

        • Zachery
          Former vBulletin Support
          • Jul 2002
          • 59097

          #5
          Dont forget you can have html enabled in sigs as well that could have enabled this

          Comment

          • white_2kgt
            Senior Member
            • Oct 2003
            • 108

            #6
            Well is there any history of something like this happening? It hasn't happened in the past 8hrs or so. How can having HTML enabled allow some remote script/bot to search for key words and replace them w/ hyperlinks. I thought that's why we had login's and such...

            -c

            Comment

            • Zachery
              Former vBulletin Support
              • Jul 2002
              • 59097

              #7
              enabling HTML will enable someone to put any html tags into their post, anything that can be done with html. java exploits, posting swf or movies or even sound in their posts / sigs

              Comment

              • white_2kgt
                Senior Member
                • Oct 2003
                • 108

                #8
                Originally posted by Zachery
                enabling HTML will enable someone to put any html tags into their post, anything that can be done with html. java exploits, posting swf or movies or even sound in their posts / sigs
                The users's did not do this. Something is going through the forum and doing it automatically. IE something is editing a users post w/o their consent. The users reporting this problem are not the ones doing it. Something else is dare I say, 'hacking' the software or the database. Are there any known vunerabilities in vB 3 that could lead to this problem?

                -c

                Comment

                • Vigile
                  Senior Member
                  • Oct 2000
                  • 376

                  #9
                  Originally posted by white_2kgt
                  The users's did not do this. Something is going through the forum and doing it automatically. IE something is editing a users post w/o their consent. The users reporting this problem are not the ones doing it. Something else is dare I say, 'hacking' the software or the database. Are there any known vunerabilities in vB 3 that could lead to this problem?

                  -c
                  fwiw, i dont see any links that lead anywhere other than the normal links found in a VB forum.

                  I suggest whomever is seeing these 'links' run something like one of these on their system.




                  Comment

                  • Steve Machol
                    Former Customer Support Manager
                    • Jul 2000
                    • 154488

                    #10
                    Originally posted by white_2kgt
                    Are there any known vunerabilities in vB 3 that could lead to this problem?
                    -c
                    No. There are no known vunerabilites in vB3.
                    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                    Change CKEditor Colors to Match Style (for 4.1.4 and above)

                    Steve Machol Photography


                    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                    Comment

                    • white_2kgt
                      Senior Member
                      • Oct 2003
                      • 108

                      #11
                      Originally posted by Vigile
                      fwiw, i dont see any links that lead anywhere other than the normal links found in a VB forum.

                      I suggest whomever is seeing these 'links' run something like one of these on their system.




                      http://www.safer-networking.org/index.php?page=download
                      yea, I removed the links and it doesn't appear as though they are happening again. I will check out the software and suggest it to the forum.

                      thanks,
                      -c

                      Comment

                      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                      Working...