Help Center Live Community
April 19, 2014, 01:15:49 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Pages: [1]   Go Down
  Print  
Author Topic: [Vulnerability Bug Security] in Help Center Live 2.1.5  (Read 4055 times)
peopleinside
Not too much to say...
*
Offline Offline

Posts: 1


WWW
« on: January 17, 2008, 05:59:47 PM »

 Wink Hi Evrithing!
I Think Help Center Live It's Fantastic! BUT i have find ONE important VULNERABILITY!

The vulnerability is when ALL OPERATOR are BUSY OR NOT ON-LINE
and there are contact form. A "bad visitator" can send illimitate mail becouse
the system don't check if e-mail is correct.

With help center live contact form you cand send forum without insert ANITHING on the text box.
If bad visitator use send bottom many, many white mail are send to you.

I hope for this bug will be correct in future version with a simple check,
MAIL MAST BE COMPILED.

If you open a contact form of help center live and push send,
the module send e-mail without any text box compiled!
Logged
HCL Admin
Administrator
HCL Superstar
*****
Offline Offline

Posts: 882


WWW
« Reply #1 on: January 19, 2008, 02:10:44 PM »

The entire contact system is slated for rework.  I truely hate contact forms that send mail, since the bad guys always find a way to manipulate it.
Logged

how may I help you today?
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.8 | SMF © 2006-2008, Simple Machines LLC Valid XHTML 1.0! Valid CSS!
Page created in 0.154 seconds with 19 queries.

Google visited last this page April 13, 2014, 05:53:26 PM