So after posting some very special community ad’s (one of which I wanted deleted) I’ve come to realize a possible exploit.

Scenario is as follows.

1: I submit an ad cleverly worded, that links to something safe on my server

2: The ad gets approved by one of the mods

3: The ad goes public

4: I change the content on my server to redirect to either a fake log in page, a known exploit in common browsers, etc or worse set the content type of the file being linked (through php/etc) to an executable/download thus making it look like a file comes directly from the ad and trojan/etc **** up.

5: The acting mods go insane as they can’t change content in the ad’s. To quote ”... there is no feature in place to modify an existing ad. Yes, ...”

Besides that problem, the mods as far as I know should have the power to edit community ad’s already (dead links 404/403’s, content that gets changed etc) in case this sort of **** happens anyways.