PLEASE NOTE: These forums are no longer utilized and are provided as an archive for informational purposes only. All support issues will be handled via email using our support ticket system. For more detailed information on this change, please see this blog post.

Form fields are populated with "0"s (zero)

  1. Hi,

    I'm currently dealing with this problem:
    I have a form that I set up, that has some free-text fields, and some select/dropdown elements as well. The issue is that I get tons of illegitimate entries that contain the value of "0" on most fields (only for free-text fields, not for dropdown fields).

    Here's a screenshot of the form's entries
    http://i.imgur.com/wBP5A.png

    ... and here's a full view of one of these entries
    http://i.imgur.com/h0m1A.png

    Now, at first I suspected that it's spam, but I have enabled Honey Pot, plus, the strangest thing is that it is quite impossible to submit the form when the Email field is populated with "0" (the Email field is NOT a regular text field. I have selected the one that does verification - under "Advanced Fields").

    Another thing I should probably note is that the IP address is consistent across all entries. And, if I were to submit the form regularly, the entry would look just fine (without the zeros).

    When doing an IP lookup for that IP address, it says that the IP is associated to McAfee, which is very strange.
    http://whatismyipaddress.com/ip/161.69.46.141

    I am really unsure what causes this issue, but as far as I know it's impossible to submit the form if the email field is set to zero.

    Thanks a lot for helping out!

    Posted 7 years ago on Wednesday December 12, 2012 | Permalink
  2. David Peralty
    Administrator

    So, I've quickly discussed it with others, and we are confused as well. Is it only this form? What version of WordPress and Gravity Forms are you using? How long has this been going on for? Can you try submitting a form with errors to make sure it errors out? Looking forward to figuring this out with you.

    Posted 7 years ago on Wednesday December 12, 2012 | Permalink
  3. Thanks for the quick response, David!

    This is the only form we have on that site. We're running on WordPress 3.4.2 and Gravity Forms 1.6.9. This has been going on since we have created this form and published it on a page. Also, I forgot to mention that we're using the GF Salesforce Addon by Katz Services:
    http://wordpress.org/extend/plugins/gravity-forms-salesforce/

    It can be quite problematic to turn this plugin off since our client has to get all entries sent over to Salesforce.
    I have tried submitting the form with errors, and it won't submit. AJAX is enabled on this form for this moment.

    The form is located right here:
    http://www.commtouch.com/free-evaluation-general/

    Thanks a lot!

    Posted 7 years ago on Sunday December 16, 2012 | Permalink
  4. Actually that is not the only form that suffers the same effect. Here's another one:
    http://www.commtouch.com/free-evaluation-spamassassin-plug-in/

    The majority of this form's entries are "0" values too.

    Same goes for this form, too:
    http://www.commtouch.com/newsletter-subscription/

    Posted 7 years ago on Sunday December 16, 2012 | Permalink
  5. David Peralty
    Administrator

    The only thing I can think of is that there is some kind of theme or plugin conflict causing this. Can you try the following steps and see if you can isolate the issue?

    http://www.gravityhelp.com/documentation/page/Testing_for_a_Theme/Plugin_Conflict

    Also, if you are able, can you upgrade your WP and GF versions to their latest? All my best!

    Posted 7 years ago on Monday December 17, 2012 | Permalink
  6. Hi David,

    Sorry for the delayed response.

    We've updated WP and GF to the latest version. This time we've also deactivated Katz's Salesforce addon, and waited 48 hours. We noticed that we're still getting entries with zeros (pretty much means it's not a conflict with that plugin).

    Now we've been discussing this with the client, who came back to us a few days later and told us that they are using McAfee's Vulnerability Manager, which is basically a vulnerability real-time scanner that is constantly scanning their site. The funny thing is that, I know that GF is validating and sanitizing user input. However we're still getting those zeros, even where they are not allowed, like in the email field.

    Are you aware with any issues caused by real-time scanners such as this one?

    Thanks!

    Posted 7 years ago on Wednesday January 9, 2013 | Permalink
  7. This issue is continuing, and I have no clue at all what is causing it.

    Posted 7 years ago on Monday January 14, 2013 | Permalink
  8. Hi again - I just wanted to write again in case the above wasn't clear, and because I think we've found the cause of the issue.

    The form is on a site that is being scanned continuously by McAfee's Vulnerability Manager. That scanner is submitting the form. This means that the form is vulnerable to malicious attacks. Any idea why the scanner would be able to submit the form, and how we can close this security gap?

    Posted 7 years ago on Monday January 14, 2013 | Permalink
  9. I am sorry, but it looks like this item slipped through the cracks.

    I am tracking down this issue now and hopefully we will get to the bottom of this.

    Any chance you could take a look at your web server logs and find that exact request (form submission) made by McAfee's Vulnerability Manager? I need to replicate this issue locally and getting a hands on that request would be very helpful.

    Posted 7 years ago on Wednesday February 13, 2013 | Permalink