I'm currently running 1.1.8 (haven't had a chance to upgrade to 1.2.x yet) and I had a new member (soon ex-member) that posted the following URL as a post:
http://noexist.mybboard.com/member.php?action=activate&uid=46&code=cYWTTXbO
Is this a valid expolit?
It's not, to my understanding.
If you go to
www.forumname.com, it redirects you there anyways.
"forumname" was just what I threw in there...I didn't want it pointing to my actual forum...guess I should have stated that. Thanks for the reply though. The skin be damned...I'm upgrading to 1.2.1 now anyways.
I really hope that there is a special hell reserved for these script kiddies, stuck in the same level of hell with all the lawyers would be poetic!
Well it still isn't a exploit. I tried it on my site that is running 1.1.8 and it just says "It appears your account is already activated or does not require email verification."
If you see something different, provide a screenshot
LOL, I was too chicken to try it...didn't know what it would do! Thanks for the info though.
Are you aware that's a porn link?
Lpspider Wrote:Are you aware that's a porn link?
Yea.. change "forumname" to something else.