MyBB Community Forums

Full Version: SPAM - email address sourced from this forum
Hi,

I got some spam today, which is no big deal, EXCEPT I have been able to verify HOW the spammer got my email address.

The email address they used is ONLY stored on this forum, so somehow a person/s have been able to get to the database (maybe an SQL injection weakness??) and retrieve my email address.

I can supply the script they used, as it is shown in the email headers. I won't post it publicly, but if a moderator or 'admin' person PMs me, I will supply all the details.

HTH
Hi peterr,

Can you please send a copy of the email, with full headers, to myself via Private Message?

Thanks
Thanks Chris, the PM has now been sent.

Peter
Chris,

How are your investigations proceeding? I sent you several other PMs, with additional information, about how my email address could have been 'harvested' from this site.

Whether it was unauthorised or authorised access, somehow the email address was either viewable through my profile (exploit found??) or the database (SQL injection possibly??).

Peter
Hi peterr,

There are no exploits or SQL injections that have been reported to us that haven't already been fixed and released.
Hi Tikitiki,

There is a resource site, that shows all the exploits, etc, try:

http://www.milw0rm.com/search.php?dong=Mybb

No doubt these have all been addressed though.

Peter
I am well aware of sites like that and I am well aware that there have been no reported vulnerabilities that have not been fixed already.

Anything else?
I too have received spam (yesterday) on addresses used only on this forum. I use two addresses (one general and one for mods) and on both I received the same spam.
Spam can occur even if you NEVER publish the email address. Have you considered that?
Hi,

There are no known issues (as has been mentioned) in MyBB which allow sourcing of email addresses (SQL injection or otherwise). I've also scoured the log files (we have an intrusion detection system that logs all suspicious-looking requests) for anything that looks like an SQL injection.

Because you registered such a long time ago, there may have been an issue a while ago that allowed something like this.
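Chris mentions scouring the request logs for anything that looks like an SQL injection. As an added illustration of that kind of check (it is not the forum's intrusion detection system nor any MyBB code), the Python below scans a few constructed Apache-style access-log lines, percent-decodes each query string repeatedly so double-encoded payloads are not missed, and reports which textbook injection pattern a request matched. The log lines, the rule names and the function names are all assumptions made for this example.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in Apache "combined" log format. They are NOT real
# traffic from this forum; the injection strings are generic textbook
# patterns chosen so the detector has something to match.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2008:10:01:02 +0000] "GET /member.php?action=profile&uid=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Mar/2008:10:01:05 +0000] "GET /member.php?action=profile&uid=42%27%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Mar/2008:10:01:07 +0000] "GET /search.php?keywords=%2527%2520OR%25201%253D1-- HTTP/1.1" 200 880 "-" "Mozilla/5.0"
10.0.0.7 - - [12/Mar/2008:10:02:00 +0000] "GET /showthread.php?tid=1234&action=lastpost HTTP/1.1" 200 9100 "-" "Mozilla/5.0"
"""

# Pulls client IP, timestamp, method and request path out of a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*"'
)

# Each rule is (name, regex) applied to the fully decoded query string.
# Rule names are invented for this example.
SQLI_RULES = [
    ("union-select", re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I)),
    ("tautology", re.compile(r"'\s*(or|and)\s+\S+\s*=\s*\S+", re.I)),
    ("time-based", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("schema-probe", re.compile(r"\binformation_schema\b", re.I)),
]


def decode_fully(s, limit=3):
    """Undo percent-encoding until the string stops changing (bounded by limit),
    so a double-encoded payload such as %2527 is seen as a plain quote."""
    for _ in range(limit):
        decoded = unquote_plus(s)
        if decoded == s:
            break
        s = decoded
    return s


def classify_request(path):
    """Return the names of the rules matched by the path's query string, in rule order."""
    query = path.split("?", 1)[1] if "?" in path else ""
    decoded = decode_fully(query)
    return [name for name, rx in SQLI_RULES if rx.search(decoded)]


def scan_log(text):
    """Parse each log line and collect the requests that match at least one rule."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        hits = classify_request(m.group("path"))
        if hits:
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "path": m.group("path"),
                "rules": hits,
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["ts"], f["ip"], ",".join(f["rules"]), f["path"])
```

Signature matching of this kind is noisy on a real forum (a post titled "union select committee" would trip the first rule), so on production logs it is a triage aid that points an analyst at a handful of requests from one source, not proof of a breach; the repeated decoding matters because a single pass of URL decoding leaves a double-encoded payload looking harmless.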