Not really a "bug" but not sure where else to post this. I am running the latest version with the security patch. Today I was notified that there were some "anonymous" posts showing up in the "Active Topics" that were in a "non-existent" forum. Sure enough, there was a thread in a forum that had long been closed, but somehow someone was posting replies in that thread without being a member. The original thread was a legit thread, but there were dozens of recent replies that all had links to porno sites.
I recorded all the IP addresses and did a search in my server's log file.
Here is an example of what I found associated with one of those IPs:
123.234.47.195 - - [29/Oct/2011:16:30:26 -0400] "POST /xxxxxxx/ubbthreads.php HTTP/1.0" 302 - "http://www.xxxxxxxxxxxx.com/xxxxxxx/ubbthreads.php/topics/235868/2" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
The permissions in the closed forum would not have (or should not have) allowed anyone not a registered member to post, but somehow someone did. Any thoughts or ideas?
