login | register | shoutbox

 What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » General » Forum & Website » XSRF Spam Vulnderability?

XSRF Spam Vulnderability?
Author: Message:
Baggins
Full Member
***

Avatar
B000ALFAZO

Posts: 387
Reputation: 13
29 / Male / Flag
Joined: Oct 2006
O.P. XSRF Spam Vulnderability?
I was thinking as I just subscribed to a thread, subscribe is GET.
So if you have a thread which gets hundreds of replies, I could do
code:
[img]http://shoutbox.menthix.net/usercp2.php?action=subscribe&tid=<tid>[/img]
and by the time someone checked their email, they could have hundreds of crap emails there.

Also wdz, why is the [code] tag so weird

This post was edited on 08-25-2007 at 04:47 PM by Baggins.
08-25-2007 04:45 PM
Profile E-Mail PM Web Find Quote Report
pollolibredegrasa
Full Member
***

Avatar
formerly fatfreechicken

Posts: 483
Reputation: 34
35 / Male / Flag
Joined: May 2005
RE: XSRF Spam Vulnderability?
If they were not active on the forums they would only get a couple at most. This post sort of explains it.

Though it might have changed since then, I'm not sure...

This post was edited on 08-25-2007 at 04:58 PM by pollolibredegrasa.
;p

[Image: chickennana.gif] Vaccy is my thin twin! [Image: chickennana.gif]
08-25-2007 04:57 PM
Profile PM Find Quote Report
Baggins
Full Member
***

Avatar
B000ALFAZO

Posts: 387
Reputation: 13
29 / Male / Flag
Joined: Oct 2006
O.P. RE: XSRF Spam Vulnderability?
I see.

Thanks, FFC.:)
08-25-2007 05:05 PM
Profile E-Mail PM Web Find Quote Report
« Next Oldest Return to Top Next Newest »


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts 		HTML is Off
myCode is On
Smilies are On
[img] Code is On