FUDforum: Bug Reports » Strange edit issue, possible malicious code?

Home » FUDforum Development » Bug Reports » Strange edit issue, possible malicious code?

Show: Today's Messages :: Polls :: Message Navigator

Strange edit issue, possible malicious code? [message #165308]

Mon, 23 May 2011 14:14

gotzoom?

Messages: 20
Registered: December 2006
Location: Silicon Valley, CA

Karma:

Junior Member

I'm having an odd issue on 3.0.2.

When users link to a Google Picassaweb album, the URL displays and clicks through properly. When you quote a post, it displays there properly in the editor box, as well. However, when you edit the post, the "google" portion of the url gets replaces with "cheapairfare." When you save the edited post, the url reverts back to google again and the link operates properly. I have tested with non-google urls and I do not see this behavior.

Example:

[url=https://picasaweb.google.com/viettamluu/1999MiataForSale?authkey=Gv1sRgCL_q7eKW-amo1QE#]this link[/url]

turns into

[url=https://picasaweb.cheapairfare.com/viettamluu/1999MiataForSale?authkey=Gv1sRgCL_q7eKW-amo1QE#]that link[/url]

when the post is edited

I had an issue with spammers posting crap and using email addresses that contained "cheapairfare" so I added an email filter to ban anything from the domain they used.

This feels like a bug rather than the result of a vulnerability to me. Any thoughts on where I can go looking in the code to verify that I haven't been hacked? The server shows no signs of having been compromised.

[Updated on: Mon, 23 May 2011 14:15]

Report message to a moderator

[Message index]

		Strange edit issue, possible malicious code? By: gotzoom? on Mon, 23 May 2011 14:14
		Re: Strange edit issue, possible malicious code? By: gotzoom? on Mon, 23 May 2011 14:38
		Re: Strange edit issue, possible malicious code? By: naudefj on Mon, 23 May 2011 14:42
		Re: Strange edit issue, possible malicious code? By: gotzoom? on Mon, 23 May 2011 15:03
		Re: Strange edit issue, possible malicious code? By: naudefj on Mon, 23 May 2011 15:40
		Re: Strange edit issue, possible malicious code? By: gotzoom? on Mon, 23 May 2011 16:45
		Re: Strange edit issue, possible malicious code? By: naudefj on Mon, 23 May 2011 17:04

Previous Topic:	Strange character appearing in piped mail
Next Topic:	Banned Users, Threads locking, threads moving

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Sep 26 23:26:26 GMT 2024

Total time taken to generate the page: 0.05436 seconds