how they find this vulns?

hi

some PHP scripts on my server, that uses mail() command, are being exploited
the programmer do his homework, validating the from/to address...
but he adds a header (last field of the mail() command) with something like:
"From: $_POST[mail]"
enough for spammers to use POST 'mail' as something like "Content-type... bcc: a@aol, b@aol, c@aol, ..."

I found which script was doing this and contacted the owner... he fixed it
but now they're exploiting another script on the server, with the same problem!

but how did they found out?! it's on a different domain...
maybe they got access to my server's PHP files (using "apache" user maybe)?

thanks

 

 

 

 

Top