Recent Topics

Someone trolling for a b2evolution bug?

Started by on Nov 16, 2006 – Contents updated: Nov 16, 2006

Nov 16, 2006 06:40    

I was just looking over my stats (love that feature! (but how about some pagination and drill down :) )) and saw these three searches reported:

[url=http://www.google.bg/search?hl=en&q=%22powered+by+b2evolution%22+%22leave+a+comment%22+%22remember+me%22+%22Allowed+XHTML+tags%3A%22+]"powered by b2evolution" "leave a comment" "remember me" "Allowed XHTML tags:"[/url]

[url=http://www.google.bg/search?hl=en&q=%22powered+by+B2Evolution%22+%22Your+URL+will+be+displayed.%22]"powered by B2Evolution" "Your URL will be displayed."[/url]

[url=http://www.google.com/search?q=powered+by+b2Evolution+Comment+text:&hl=en&lr=&start=40&sa=N]powered by b2Evolution Comment text:[/url]

If you ask me, I'd say someone is searching out b2evolution comment forms for the purpose of cross-site scripting attacks. Is there a known vulnerability? Or, I suppose it could be a spammer looking for fertile fields too.


Form is loading...

Open Source CMS – This forum is powered by b2evolution CMS, a complete engine for your website.