Hi there,
We're still running Actinic v7 (*), and this morning we realised that someone had been using our site's Actinic "Contact Us" form to send out spam (i.e. the messages were sent to other people).
Is there an issue with an unpatched version 7.0.6.0.0.0.GBGA that could cause abuse of the form this way? The fact that we also received copies of all the spam ourselves implies that the other people's addresses were injected before/after our pre-existing "To:" header.
Also, I've disabled the form entirely at present via the quick-and-dirty method of inserting "die()" into "mail_form.pl", but where is the option to disable this functionality in Actinic itself?
Would appreciate any feedback, thank you.
- Arbre
(*) Yes, I realise it's long obsolete and probably not patched. Unfortunately, the system has been heavily customised, which makes it hard to patch or upgrade (so we do not blame Actinic/SellerDeck for this!), and it will soon be replaced entirely.
(**) We know it's the default "Contact Us" form because, following a reference to NETQUOTEVAR:NAMEVALUE and NETQUOTEVAR:SUBJECTVALUE in one email, we went through the web logs and spotted multiple successive references to "mail_form.html" then "mf000003.pl".
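The symptom described in the post (the shop receives its own copy, yet the mail also reaches strangers) is what you see when a form field is copied straight into the message header block and the field contains a line break followed by an extra recipient header. The following is an added example, not code from the post or from Actinic/SellerDeck's mail_form.pl: it builds the message the naive way and parses it back to show the extra recipients appearing, then builds it the hardened way, where every header-bound field is rejected if it contains CR or LF and the owner address is fixed. The form fields, the addresses and the `SHOP_ADDRESS` constant are all constructed placeholders.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr

# Constructed placeholder for the shop's own mailbox (the fixed "To:" of the form).
SHOP_ADDRESS = "sales@example-shop.test"

# Constructed form submissions. SAMPLE_FORM carries a line break plus a Bcc header
# inside the subject field; CLEAN_FORM is what a genuine visitor would send.
SAMPLE_FORM = {
    "name": "Customer",
    "email": "sender@example.com",
    "subject": "Question about an order\r\nBcc: victim1@example.net, victim2@example.net",
    "message": "Hello, could you confirm stock levels?",
}
CLEAN_FORM = {
    "name": "Customer",
    "email": "sender@example.com",
    "subject": "Question about an order",
    "message": "Hello, could you confirm stock levels?",
}

# Fields that end up in the header block and must therefore never contain a line break.
HEADER_FIELDS = ("name", "email", "subject")
HEADER_BREAK = re.compile(r"[\r\n]")


def build_naive(form):
    """Vulnerable construction: form fields concatenated straight into the headers."""
    return (
        f"To: {SHOP_ADDRESS}\r\n"
        f"From: {form['name']} <{form['email']}>\r\n"
        f"Subject: {form['subject']}\r\n"
        "\r\n"
        f"{form['message']}\r\n"
    )


def recipients_of(raw):
    """Parse a raw message and list every address in To/Cc/Bcc, in header order."""
    msg = message_from_string(raw)
    found = []
    for field in ("To", "Cc", "Bcc"):
        for _name, addr in getaddresses(msg.get_all(field, [])):
            found.append(addr)
    return found


def check_form(form, max_len=200):
    """Return the names of header-bound fields that would break the header block."""
    bad = []
    for field in HEADER_FIELDS:
        value = form.get(field, "")
        if HEADER_BREAK.search(value) or len(value) > max_len:
            bad.append(field)
    return bad


def build_hardened(form):
    """Safe construction: validate header-bound fields, fix To/From, keep visitor data in the body."""
    bad = check_form(form)
    if bad:
        raise ValueError(f"rejected form: line break or oversize in {bad}")
    visitor_addr = form["email"]
    if "@" not in visitor_addr or parseaddr(visitor_addr)[1] != visitor_addr:
        raise ValueError("rejected form: email is not a bare address")
    msg = EmailMessage()
    msg["To"] = SHOP_ADDRESS        # fixed; never derived from the form
    msg["From"] = SHOP_ADDRESS      # fixed; the visitor's address goes in Reply-To
    msg["Reply-To"] = visitor_addr
    msg["Subject"] = form["subject"]
    msg.set_content(f"Name: {form['name']}\n\n{form['message']}")
    return msg.as_string()


def hardened_rejects(form):
    """True if the hardened builder refuses the submission."""
    try:
        build_hardened(form)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("naive recipients:", recipients_of(build_naive(SAMPLE_FORM)))
    print("offending fields:", check_form(SAMPLE_FORM))
    print("hardened rejects sample:", hardened_rejects(SAMPLE_FORM))
    print("hardened recipients (clean):", recipients_of(build_hardened(CLEAN_FORM)))
```

Keeping the visitor's address in Reply-To rather than From is my choice here, not something the post prescribes; it means nothing a visitor types can ever become a sender or recipient header. Whatever the form handler's language, the check that matters is the same one `check_form` performs: reject any header-bound field containing CR or LF before it reaches the mail builder, and the web-log pattern the post mentions (successive hits on the form page and then the handler script) is the place to look for the volume spike that reveals abuse.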