Almost no one does masking or protecting of their log files data (but they should). Another thing no one does is escape their logging data. So it’s very easy to say pass Linux commands to a website via a form that you know are going to be logged, and by logging that data the server can inadvertently trigger executable remote code...which pretty much means they are pwned.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Almost no one does masking or protecting of their log files data (but they should). Another thing no one does is escape their logging data. So it’s very easy to say pass Linux commands to a website via a form that you know are going to be logged, and by logging that data the server can inadvertently trigger executable remote code...which pretty much means they are pwned.