Results 1 to 6 of 6
  1. #1
    Join Date
    Oct 2000

    Perl expert, need help..Matt's board script hole..

    Hi all,

    I'm using Matt's wwwboard and it seems that someone can easily hijacked the board simply put an HTTP refresh header command into the subject into a new thread so my board will automatically go to a porn site everytime someone load it.

    I'm not a perl expert, can someone help me to create a sub routine so everytime the 'subject' value contains a REFRESH word and the script will not post it?

    Thanks in advance.

  2. #2
    Join Date
    Jan 2005
    Why not remove any html tags from the subject?

    You're lucky they did not inject the <plaintext> tag.
    Please, call me RoF

    Cheap - Affordable Resellers -

  3. #3
    Join Date
    Jan 2003
    Is that dinosaur still around? It's one giant security hole. With two browser windows and some timing, you can blank the board. You should get a setup on one of the free message board sites -- more features, less problems.
    Game Servers are the next hot market!
    Slim margins, heavy support, fickle customers, and moronic suppliers!
    Start your own today!

  4. #4
    Hahaha the demo of that doesnt work lol

  5. #5
    Join Date
    Feb 2005
    If you really want to keep using wwwboard, change to the nms version. I've not tried it but generally these programs are compatible with Matt's originals and much better written...

    nms-cgi.sourceforge dot net/scripts.shtml

  6. #6
    I would second the suggestion to use another board software. There are any number of them that are free out there. You can check out and for some GOOD free scripts.
    Game control panels - control your game world your way.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts