Author Topic: BBCode Exploit  (Read 33654 times)

Badspot

  • Administrator
To "fix" this issue, I have removed 'table', 'tr', and 'td' from the bbcode parser.  I don't know if this is enough.  As far as I can tell, the exploit just involves a bunch of tags screwing up the page layout and does not allow for arbitrary html injection.  If arbitrary code injection is possible, please notify me immediately.

I have banned the following people permanently for using the exploit to forget up otherwise functioning threads:
   lykakspars
   Punished Kidalex90
   simpletonnn
   maxxxx   
   zelau   
   Rally   
   thegoodperry

I have banned the following people for the standard one week for participating in the spam thread or messing up their profile:
   K3k0m@n
   Pecon
   Swollow
   two and a half limericks
   Gytyyhgfffff
   Copy Kirby
   Parlydogs22






The permanent list is truly unsurprising







the table tags were actually useful

I hope you handicaps are proud of yourselves