Weird...

I was just checking WOL, and a member who had just created a spam thread (which I promptly deleted) was browsing an odd location:

(Click) View attachment 389 ​

The location they were is: http://www.adminaddict.net/forum/autotagger_ajax.php?do=gettags&tags_remain=25&forumid=38&userid=747&title=For%20Sale:%20Apple%20Iphone%203gs%2032g%20for%20%E2%82%AC275&existing=

Code:

[noparse]http://www.adminaddict.net/forum/autotagger_ajax.php?do=gettags&tags_remain=25&forumid=38&userid=747&title=For%20Sale:%20Apple%20Iphone%203gs%2032g%20for%20%E2%82%AC275&existing=[/noparse]

... which, if you can't access, is just a text page with the following:

That's the weirdest thing I've encountered in a while... :speechless:

 

dude..whats weird is I have seen members browsing thru my vHoist garage with a weird addy like that showin...so i clicked on it and it took me to an invaild page...

how can this happen?

 

That is quite weird indeed! I'd like to know how such a page can be accessed so easily (and freely).

 

I used to use Zoints tags and used to get something similar quite a bit.

I suspect they are trying to use some of sort of previous exploit to inject their own tags.

I used to get it happening from a particular IP that would keep changing location so fast it hat to be a compromised computer being controlled. I usually ended up blocking the IP at server level.

 

I guess they are trying to exploit the forum system(Like mysql injections). I would personally deny them access by both a ban and the .htaccess file.