I was hoping someone can shed some light on this.
On my site we have a tinychat room integrated and it keeps on getting hacked by some creep who is able to login as a Moderator and bans everyone from the room. I've seen something like this on YouTube with people showing off.
The reason for this thread if someone can shed some light how it's done. I've contacted tinychat support countless times, but they either don't reply and when they have (in the distant past) all they have no clue themselves.