Announcement

Collapse
No announcement yet.

Strange Problem

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • karlm
    replied
    Thought I comprehend what you're saying, you have to admit if everyone retained the vanilla vbulletin - most forums would lack any personality or unique appeal. I'm generally careful on what I allow to be used on the forums, and I select the plugins carefully prior to eventually transferring from test-board to live-board status..

    Leave a comment:


  • Scott MacVicar
    replied
    I suggest you remove all third party modifications since this is where the flaw happens, we ensure that our own stock code isn't affected and can only assume that its a flaw within their code.

    Much more serious issues than a meta redirect can occur so its within your best interest to remove the offending plugin.

    Leave a comment:


  • karlm
    replied
    Thanks... I'll try it now

    Leave a comment:


  • The Finman
    replied
    Originally posted by Danecookie View Post
    Well, some users are using cheap hacking techniques to hack the front page of my forums. Like i get many hits per day, and many of them use html codes in the new thread "Title" area.. many of the peoples i got, did that and they were not sucessful, i just removed the thread.

    But yesterday a guy placed an html code in a new thread in my General Section and it worked, and due to that my front page started to get redirected to > http://srsrxxx.kayyo.com/

    Is this a flaw in vb? or what should i do to avoid this?

    Thanks
    We got hit with it yesterday.

    It's a really lame trick (more like an annoyance), but here is a very simple fix.

    Go into you AdminCP and under vB Options choose Censorship Options.

    In the Censored Words window add this.

    Code:
    {meta} >>>> {http-equiv} "Refresh" """"
    That will put an end this nonsense.
    Last edited by The Finman; Sun 3rd Sep '06, 5:57pm.

    Leave a comment:


  • Danecookie
    replied
    Well what should i do thennn?????

    Leave a comment:


  • Crow
    replied
    Originally posted by karlm View Post
    I'm not using topxstats, but I was using cyb advanced stats..
    I disabled that alone

    I see someone tried it here, too.

    http://www.vbulletin.com/forum/showthread.php?t=198958
    I just had this happen to my sites, I'm glad it didn't work for them tho

    Leave a comment:


  • karlm
    replied
    I'm not using topxstats, but I was using cyb advanced stats..
    I disabled that alone

    I see someone tried it here, too.

    http://www.vbulletin.com/forum/showthread.php?t=198958
    Last edited by karlm; Sun 3rd Sep '06, 8:38am.

    Leave a comment:


  • karlm
    replied
    I moved the last one to a hidden forum (junk) and that sorted it.
    Now I got a NEW one already, from http://clubplus.pl/ which proudly states itself as a hack-site.

    I'm not using the software (flashchat) etc. Hmmmm

    Leave a comment:


  • karlm
    replied
    Very coincidently, after a posting my above comment to disable html, my board got hacked this very day!!!
    I've read the thread and i'm not using either of the softwares listed.

    The site that my members & guests are being redirected to is

    http://turksecurity.org/forum/index.php

    Can the team behind vbulletin do something with these guys as they're using hacks and corrupting other folks' boards?

    Leave a comment:


  • Marco van Herwaarden
    replied
    Standard vBulletin don't evaluate HTML codes in thread titles. It sounds like the software you are using for your frontpage does however evaluate this. Not much vBulletin can do about this, i suggest you contact the author of your frontpage to have this fixed.

    PS Also see the following thread: http://www.vbulletin.com/forum/showt...34#post1202934

    Leave a comment:


  • karlm
    replied
    Disable HTML in the forum.
    AdminCP / Forum & Moderators / Forum Manager -> Edit Forum

    Leave a comment:


  • Danecookie
    started a topic Strange Problem

    Strange Problem

    Well, some users are using cheap hacking techniques to hack the front page of my forums. Like i get many hits per day, and many of them use html codes in the new thread "Title" area.. many of the peoples i got, did that and they were not sucessful, i just removed the thread.

    But yesterday a guy placed an html code in a new thread in my General Section and it worked, and due to that my front page started to get redirected to > http://srsrxxx.kayyo.com/

    Is this a flaw in vb? or what should i do to avoid this?

    Thanks
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X