There appears to be a vulnerablity within your "invite a friend" component. It is causing sever spamming from my site. My ISP has blocked the IP address that is causing the exploit but it is only a matter of time before another address finds this issue. I have provided the report from my ISP below. Please advise how we can correct this issue. I note that there is at least one other report of this matter within this forum. Thank you for your assistance!
Bing,It looks like this component Event Booking is vulnerable and the spammers can exploit this bug:
Code:
182.16.30.194 - - [11/Jun/2024:16:14:13 -0400] "POST [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 500 1591 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:16 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:17 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "POST [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 500 1591 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "POST [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 500 1591 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:19 -0400] "POST [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 500 1591 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.16.30.194 - - [11/Jun/2024:16:14:18 -0400] "GET [url=http://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component]www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url] HTTP/1.1" 200 9551 "[url]https://www.rehobothbeachmuseum.org/index.php/component/eventbooking/elements-in-art-kids-classes-07-11-2024/invite-friend?tmpl=component[/url]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
This is how they trigger those emails - we've blocked the IP number, but they'll surely change it.You should contact the extension developer for a fix to this issue.Regards,Kris Sibinski | System Administrator
CloudAccess.net
