FLOSS, Linux, PDA, FreeMap and more
« Free Standards Group and OSDL to mergeunknown agent 'PHP/proxy-upk 1.0.0' and smartfilter category »

SPAM using Plone vulunerbility?

  09/10/06 18:02, by , Categories: Blogging

Recently, I got many SPAM post with the site URL which is hosted by Plone. I have wandered it and find the description how and why to do it.

This is an old, old vulnerability that only exists in the Plone 2.0.x series.

It was fixed over a year ago, and the site in question is running a version of Plone that is between 18 and 24 months old as of August 2006.

Not much we can do about people that don't update their sites and stay current on security, unfortunately. If you try your JS redirection trick on any current Plone version (2.1, 2.5), you'll see that it doesn't work.

I want to request Mr.Administrator of plone site, please care your site rather than host spam redirect page and parasite SEO.

For example, I got some URL list posted as SPAM comment, such as Cleveland Area Python Interest Group, who is ordinal user group.
Followings are similar site which is hosted by plone;

No feedback yet


Form is loading...

August 2009
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
 << < Current> >>

Code readers

I am interested in OSS, FreeSoftware, OpenStreetMap and Linux.

Search

  XML Feeds

CMS engine
 

©2024 by H.Miura

Contact | Help | b2evolution skin by Asevo | Advanced CMS