Why does the dolphin demo redirect me to LinkBucks

And then an automatic download?

??

Quote · 22 Apr 2014

Does not redirect me.

https://www.deanbassett.com
Quote · 22 Apr 2014

Thought I'd try Safari as well (as chrome) and - same.

Quote · 22 Apr 2014

And now a different computer - same.

Quote · 22 Apr 2014

After about 5 seconds I'm redirected to this url:

http://www.linkbucks.com/c65157b6/url/http://demo.boonex.com/?_lbGate=708951

Quote · 22 Apr 2014

yep.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 22 Apr 2014

Yes, tested and the same result.  Perhaps someone loaded something to the site that is causing it.  Should reset and be gone if that is the case.  Reset on demo is 30 minutes I believe.

Geeks, making the world a better place
Quote · 22 Apr 2014

Yea, it does for me now as well. Maybe some idiot put some malware on it.

The site resets in a few minutes, so check again later.

https://www.deanbassett.com
Quote · 22 Apr 2014

OK good, thought it was just me.

Yes, after the demo resets the redirection no longer occurs.

Quote · 22 Apr 2014

Well it's redirecting me again.  The vulnerability scares me :(

Quote · 22 Apr 2014

So what's happening is someone is manually logging in (the salt is now reset) and editing the promo block to add a JavaScript redirect. This has been happening for a few months now. Your site's fine, it's not a vulnerability. Just a very determined individual.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 22 Apr 2014

 

This has been happening for a few months now.

What do you mean... I've never seen this on the dolphin demo before.

If it's been happening for a few months why has it not been addressed in some way?

Quote · 22 Apr 2014

 

What do you mean... I've never seen this on the dolphin demo before.

If it's been happening for a few months why has it not been addressed in some way?

It was - the salt is now reset, so automatic re-logins are no longer possible. However, BoonEx does need to ban the IP address (assuming there's only one). The demo is also reset every 30 minutes, so it's easy to miss. I assume this isn't an automated script, because it's sporadic and doesn't happen for some days or weeks.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 22 Apr 2014
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.