If you aren't able to see the fixes needed from reading the code, it's not likely you will be able to fix them.

hmm using that logic...makes you wonder how they ( the exploits) ever got in the first place then doesn't it?

The store system is so big, you never know what else you could discover

this should no longer be a premium mod...

This thread should be closed. It's going no-where. Time to move on and find an alternative or just not offer such a feature.

That didn't fix the exploit

hello
i wanted to know if there is progression with vbBux / vbPlaza ??
thank you who israel

HI, may i know how to download this vbplaza, i cant download.. and said i dont have permission

I bet that's coz this version isn't safe to use and has been removed...

i would like to try out, pls advise where can i download it. thanks

its more so people can evaluate whether its a reasonable risk to install anyway (like me). Some exploits are severe and should clearly be avoided, but some are honestly just not worth getting all in an uproar about if one has a small forum.


STILL for those wanting the hack:

i think a mod needs to close this thread. just the same posts over and over again

I think it's open to try to stem the tide of new threads that would pop up if it was closed (but what do I know)

lol :D

awwww..it's sad to see this. :(

If somebody can pm me with the known errors I will get them fixed up. I have already been working on the donation one that I dug out in the code already.

Your about the only one I can think of currently that would have a real fix version :)

Thanks!

What exactly are you thanking? :)

Same question im asking myself:confused:

Thanks!

eXtremeTim - what happened to the fix you released earlier in the day ?

In the graveyard

<a href="http://www.extremewebtech.com/forums/f272-free-vbulletin-hacks/t110203-vbplaza-vbux-1-6-0-security-fixes" target="_blank">http://www.extremewebtech.com/forums...security-fixes</a>

Its nice to know that the staff around here are watching the vbplaza forum enough to +++++ about someone trying to fixing it, but not enough to make any official statement and/or suggest how people should fix one of the most popular vB hacks available.

im sure there was reasonal explaination for this. one is he didnt have permission from the original author to post it

Then I'd love to hear it...

1. Tim had no permission from the author to post the code (and still doesn't).

2. All the security holes were/are not fixed, use it at your own risk.

3. Staff are here to run vbulletin.org, not run around getting people permission to release other peoples work.

4. We will not tolerate abuse of our staff. Any posts insulting the staff will see members getting high point infractions, possibly resulting in account suspension.

Its about time one of you posted. So you seem to know all the security holes, why not post them? I fail to understand what you and this site gains by continuing to let this fester. Additionally, you guys run off others who attempt to create alternative shops. In the end, the only losers are us end users.

What in Gods name is going on?

Oh yeah posting up all the security holes is an awesome idea. Hackers would have a field day you doughnut =D

Try reading the rest of the site, there are plenty of staff posts relating to this mod.

Hmm, yes, that sounds a good idea, let's tell everyone how to hack a few hundred forums ... :erm:

What we gain is security. We will not allow mods with gaping security holes be published. If other sites want to that is up to them. If the original author fixed the holes then there would be no problem. If he gave others permission to release a fixed version, there would be no problem. He has done neither. JFYI - a PM from myself, to him, querying if a previous release had his permission remains unanswered almost a month after it was sent.

I suggest you calm down a bit now, your current path of confrontation is not going to end well.

Feel free to threaten me all you want, but this is the first time I've seen anyone from your staff address this. That said, I'm glad that you feel safe in security through obscurity. It's a great tactic and hope that works out well for you. In the real world, hiding the problems isn't the same thing as fixing them. I mean, what about the poor, poor people who are still running vbplaza 1.5.7? What are we to do about them and the starving children in Africa...

Errm..
Didn't this sound kind of off topic? :erm:

It must be late there, as its actually quite germane.

My opinion is that if someone is going to hack a board they are going to hack it. Making the exploits at least known to the people who have the exploitable hack installed is not going to CREATE new hackers.

It would be entertaining, at the very least. :erm:

*sitting next to LisaD1 and Ohiosweetheart with popcorn and soda...and some jujubees*

*Deezel joins the ladies with her bag of Twizzlers...LMAO!!

Yup, I visit this thread for the entertainment value...:p

I've considered this mod long dead :( I'm anxiously awaiting for Tehste's Store to come out myself. I'd rather pay for a supported mod than deal with this.