Security holes (No support email?)

Hiya,

Im a user on another forum that runs this software and some friends and i discovered some nasty security holes in version 6.34. Im just attempting to let anyone responsible know. For obvious reasons im not about to post how to do these, but we managed to:

Post in locked threads
Post in rank-restricted forums
View Moderator-Only forums and threads
and post in the above Moderator Only threads.

I emailed the folks in charge on the other forum which is http://www.tippmann.com and i figured i should come here and email this to any bug report or support address. Unfortunately i see the author has removed any address from this site. Hm.

A little shocked to see version 7.5 and tippmann is running 6.34, so im hoping these issues were most likely detected long ago and fixed.

If not, anyone responsible for development on this forum thats interested, just drop a note here with some email address and ill send along a file i made of how these holes were exploited.

There are quite a few other issues that it is recommneded that all users should upgrade to the latest version as there are more security holes in version 6.x than just you have mentioned.

Reasons to upgrade from 6.x to 7.5 are:-

• Improved security
• Improved performance by over 500% of some files
• Imporved malcious code filters
• 160bit Encryption of passwords with salt value to prevent hackers getting hold of admin passwords etc.
  
• Imporved SQL injection measures and filters
• Anti-spam remote robot attack/spamming measures
• Security graphic images for new registration and login to prevent remote attacks
  
• Session ID's checked to prevent remote attacks
• All Form/QueryString and user input checked for malicious code input
• IP banning and email domain banning
  
• More powerful security options for forums

These are just a few of the security improvements between version 6.x and 7.5 of Web Wiz Forums.