
Hi, everyone!

This is more of a web server thing, but I figure some people are maintaining
web servers too, so...

Is anyone else running phpBB?
I've been noticing some odd activity that I think may be a spamming exploit
in the profile.php, but I wanted to see if there is anyone else noticing
people setting up bogus accounts on forums.  The mail from their account
creation bounces back and most of them are less than tasteful account names.

In this I've found that if the profile.php within phpBB cannot find URL
variables then it looks for form variables, which in turn makes it very
vulnerable to XSS (Cross Site Scripting) attacks.  I haven't found any
particular exploits or known vulnerabilities that do exactly what I'm seeing
which is why I think it may be a form of spam exploit.  Or just naughty
people trying to use my server to infect people using the avatar exploit
that also exists in profile.php.

Anyway, is anyone else seeing odd mail bounce-backs from bogus accounts or
profile.php showing up in the logs with no URL variables attached?


Missy Koos
Webmistress & Database Developer
Student Affairs & Services
Michigan State University

113 Student Services Building
East Lansing, MI  48824
517.355.9510 x138
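An added example, not part of the original post: a small log check for the symptom described above (profile.php being hit with no URL variables, so any parameters must have arrived as form variables). It assumes Apache "combined" format access logs and a phpBB 2 install under /phpBB2/; the sample lines are constructed.

```python
import re
from collections import Counter

# Apache "combined" log format. Path and query string are captured separately
# so that a request to profile.php with no "?..." part can be spotted.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>[^ ?"]+)(?:\?(?P<query>[^ "]*))? [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (assumed /phpBB2/ install path, documentation-range IPs).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2004:13:55:36 -0700] "GET /phpBB2/profile.php?mode=register HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
203.0.113.5 - - [10/Oct/2004:13:56:02 -0700] "POST /phpBB2/profile.php HTTP/1.1" 200 2326 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Oct/2004:14:01:10 -0700] "POST /phpBB2/profile.php HTTP/1.0" 200 2301 "-" "-"
198.51.100.7 - - [10/Oct/2004:14:01:12 -0700] "POST /phpBB2/profile.php HTTP/1.0" 200 2301 "-" "-"
192.0.2.9 - - [10/Oct/2004:14:03:44 -0700] "GET /phpBB2/viewtopic.php?t=12 HTTP/1.1" 200 8812 "-" "Mozilla/5.0"
"""

def parse(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def suspicious_profile_hits(lines):
    """Return records for profile.php requests carrying no URL (GET) variables.

    Normal phpBB use passes mode=register / mode=viewprofile in the query string,
    so a bare profile.php hit means the script fell back to form (POST) variables,
    which is the pattern the post describes. A present-but-empty "?" is also flagged.
    """
    hits = []
    for line in lines:
        rec = parse(line)
        if rec and rec["path"].endswith("/profile.php") and not rec["query"]:
            hits.append(rec)
    return hits

def count_by_ip(hits):
    """Tally flagged hits per client IP to see which sources repeat the pattern."""
    return Counter(h["ip"] for h in hits)

if __name__ == "__main__":
    flagged = suspicious_profile_hits(SAMPLE_LOG.splitlines())
    for ip, n in count_by_ip(flagged).most_common():
        print(f"{ip}: {n} profile.php request(s) with no URL variables")
```

Feed it real access logs with `suspicious_profile_hits(open(path))` and compare the flagged IPs against the bogus account registrations.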