I was just checking WOL, and a member who had just created a spam thread (which I promptly deleted) was browsing an odd location: (Click) View attachment 389 The location they were is: http://www.adminaddict.net/forum/autotagger_ajax.php?do=gettags&tags_remain=25&forumid=38&userid=747&title=For%20Sale:%20Apple%20Iphone%203gs%2032g%20for%20%E2%82%AC275&existing= Code: [noparse]http://www.adminaddict.net/forum/autotagger_ajax.php?do=gettags&tags_remain=25&forumid=38&userid=747&title=For%20Sale:%20Apple%20Iphone%203gs%2032g%20for%20%E2%82%AC275&existing=[/noparse] ... which, if you can't access, is just a text page with the following: That's the weirdest thing I've encountered in a while... :speechless:
dude..whats weird is I have seen members browsing thru my vHoist garage with a weird addy like that showin...so i clicked on it and it took me to an invaild page... how can this happen?
I used to use Zoints tags and used to get something similar quite a bit. I suspect they are trying to use some of sort of previous exploit to inject their own tags. I used to get it happening from a particular IP that would keep changing location so fast it hat to be a compromised computer being controlled. I usually ended up blocking the IP at server level.
I guess they are trying to exploit the forum system(Like mysql injections). I would personally deny them access by both a ban and the .htaccess file.
