Help Center Live Community
May 21, 2013, 10:10:43 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Help Center Live Community > General > General Discussion (Moderator: HCL Admin) > [Vulnerability Bug Security] in Help Center Live 2.1.5
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Vulnerability Bug Security] in Help Center Live 2.1.5  (Read 3563 times)
peopleinside
Not too much to say...
*
Offline Offline

Posts: 1


WWW
« on: January 17, 2008, 05:59:47 PM »
 Wink Hi Evrithing!
I Think Help Center Live It's Fantastic! BUT i have find ONE important VULNERABILITY!

The vulnerability is when ALL OPERATOR are BUSY OR NOT ON-LINE
and there are contact form. A "bad visitator" can send illimitate mail becouse
the system don't check if e-mail is correct.

With help center live contact form you cand send forum without insert ANITHING on the text box.
If bad visitator use send bottom many, many white mail are send to you.

I hope for this bug will be correct in future version with a simple check,
MAIL MAST BE COMPILED.

If you open a contact form of help center live and push send,
the module send e-mail without any text box compiled!
Logged
HCL Admin
Administrator
HCL Superstar
*****
Offline Offline

Posts: 882


WWW
« Reply #1 on: January 19, 2008, 02:10:44 PM »
The entire contact system is slated for rework.  I truely hate contact forms that send mail, since the bad guys always find a way to manipulate it.
Logged
how may I help you today?
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.8 | SMF © 2006-2008, Simple Machines LLC Valid XHTML 1.0! Valid CSS!
Page created in 0.166 seconds with 20 queries.

Google visited last this page May 18, 2013, 06:04:59 AM