Announcement

Collapse
No announcement yet.

">"">>>><meta http-equiv="Refresh" content="0;url=ht

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ">"">>>><meta http-equiv="Refresh" content="0;url=ht

    testing issue reported in bug tracker
    Scott MacVicar

    My Blog | Twitter

  • #2
    on my un-reverted forumhome template the redirection was succesful..

    Comment


    • #3
      Lamers are attacking to the forums who has *** MOD. This mod enables html even you close html off on your forum and they are redirecting forums to else where

      Here what they use

      ">"">>>><meta http-equiv="Refresh" content="0;url=http://www.kaktusum.com"> """" >

      ">"">>>><meta http-equiv="Refresh" content="0;url=http://www.intikam.us/hck"> """" >
      They have attacking since this morning

      Comment


      • #4
        A "TopXstats plugin" bug..

        Comment


        • #5
          This is not html permission problem.Also organik81 explain that.

          Cheers

          Comment


          • #6
            Well absolutely I just did not wanted to give the name of the plugin. This bug is common with other BB boards. I also run another BB board which also has Top "X" stats which has the same problem
            Last edited by lapsetur; Sat 2nd Sep '06, 7:20am.

            Comment


            • #7
              yes, topxstats bug.
              Thread title;
              PHP Code:
              ">"">>>><meta http-equiv="Refresh" content="0;url=http://goingadress.com"> """" > 
              Admincp >>> Stil & Templates >>> Edit templates >>> topXstats_thread_bit
              all replace;
              PHP Code:
              <tr>
               <
              td nowrap="nowrap"><div class="smallfont"><strong><if condition="$getstats_thread[newpost]">$newpostprefix<else />$oldpostprefix</if> <a href="showthread.php?$session[sessionurl]goto=newpost&amp;t=$getstats_thread[threadid]">$getstats_thread[titletrimmed]</a></stong></div></td>
                              <if 
              condition="$getstats_thread[isdeleted]">
              <
              td colspan=3" align="left" nowrap="nowrap"><div class="smallfont"><phrase 1="member.php?$session[sessionurl]u=$getstats_thread[del_userid]" 2="$getstats_thread[del_username]">$vbphrase[thread_deleted_by_x]</phrase></div></td>
                              <else />
              <td nowrap="
              nowrap"><div class="smallfont"><a href="member.php?$session[sessionurl]u=$getstats_thread[userid]">$getstats_thread[musername]</a></div></td>
                              <td align="
              right" nowrap="nowrap"><div class="smallfont">$getstats_thread[views]</div></td>
                              <td align="
              right" nowrap="nowrap"><div class="smallfont">$getstats_thread[replycount]</div></td>
                              </if>
                          </tr> 


              Link: http://www.forumena.com/forum/showthread.php?t=7313

              Comment


              • #8
                Is this a permanent solution ?

                Comment


                • #9
                  Originally posted by lapsetur View Post
                  Is this a permanent solution ?
                  Yes.
                  And temporary solution
                  Admincp >>> vbulletin Options >>> censorchips Options
                  PHP Code:
                  ">"">>>><meta 
                  One method there But i am not very good speak english.

                  Comment


                  • #10
                    Before finding out I have already done that

                    Comment


                    • #11
                      Originally posted by Scott MacVicar View Post
                      testing issue reported in bug tracker
                      Wont this exploit meta refresh work in vB3.6.0 as I use it and have no addons or extras installed?

                      Comment


                      • #12
                        If you don't have the plugin installed there is no problem for you

                        Comment


                        • #13
                          Saolun

                          Elİnİze SaĞlik GÜzel Bİ AÇik

                          Comment


                          • #14
                            I tested it ...
                            This is just working on 3.6.0 and if topXstats installed...

                            But I don't knoe how I can secure my forum
                            DJ Pisagor I will test your code..
                            I hope it will be useful

                            Comment


                            • #15
                              Originally posted by DJ PİSAGOR View Post
                              Yes.
                              And temporary solution
                              Admincp >>> vbulletin Options >>> censorchips Options
                              PHP Code:
                              ">"">>>><meta 
                              One method there But i am not very good speak english.
                              It is not safe
                              Because there is another code
                              Code:
                              ">"">>>><script>location="<A href=http://www.google.com</script"> """" >

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...
                              X