vb.org Archive
Page 19 of 54 « First 91718 19 202129 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.7 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=228)
-   -   Profile Enhancements - vBStatus - Facebook Style Status Display (v4) (https://vborg.vbsupport.ru/showthread.php?t=181283)

pguy 07-12-2008 07:14 AM
I too got the graveyard email and I dont see any mention of a security issue on this thread - was it fixed? Any leads on what happened?

PoetJA-1975 07-12-2008 01:10 PM
The modification was updated on 10 July - So apparently the security issue has been sorted. Why on earth the modification author doesn't respond to the following post is beyond me though. Perhaps the modification should now be updated and marked as UNSUPPORTED perhaps?

Jacquii.

Quote:
Originally Posted by PoetJA-1975 (Post 1568851)
Hi Attilitus - are you still supporting this modification please? There is evidently a javascript clash/conflicts - Edit button doesn't work even when folder/files chmod to 777 - Help please because this is a really nice idea.

3.7.2 - with QuickTab installed and Dynamic Tab Content For Postbit Legacy

At anyrate - thanx for the sharing.

Jacquii.

Greg-J 07-12-2008 04:59 PM
I reported the vulnerability as well as the fix, but it was removed. I didn't know there was a specific place to report them. I looked at the update and it does not include my fix though, so I'm not sure if this version is or is not at risk...

zmmmzz 07-12-2008 07:57 PM
greg can you upload the mod with the fix so we can download it?

PoetJA-1975 07-12-2008 08:41 PM
Quote:
Originally Posted by Greg-J (Post 1573658)
I reported the vulnerability as well as the fix, but it was removed. I didn't know there was a specific place to report them. I looked at the update and it does not include my fix though, so I'm not sure if this version is or is not at risk...
I saw your post and I reported the modification using the https://vborg.vbsupport.ru/external/2008/09/5.gif button -- Fortunately I'd already uninstalled the modification because the author is apparently no longer supporting it and it didn't work on my board.... Some sort of javascript conflict - clicking the edit button does nothing...

Jacquii.

calorie 07-13-2008 02:39 PM
FYI, the author has addressed the reported vulnerability. To patch, grab the attachment updated as of today, and FTP the two PHP files to your server, making sure to overwrite the old files.

tazzarkin 07-13-2008 04:45 PM
I wasn't going to install this, but it's been sent to the Modification Graveyard so many times that now I'm intrigued.

It feels like you're getting something they don't want you to have...

PS - I even nominated it for Mod of the Month

Boosted Panda 07-13-2008 06:26 PM
Is this working again?

TFEX 07-13-2008 07:42 PM
Installed, thanks :)

twister17e 07-13-2008 08:32 PM
I upgraded today after removing my homemade patch and it appears this mod no longer allows html to be parsed. After running a few tests, html shows up as
Code:
<b>testing</b> or <script>blah</script>
just like it should. It appears that we are good to go!


All times are GMT. The time now is 01:55 PM.
Page 19 of 54 « First 91718 19 202129 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01239 seconds
  • Memory Usage 1,736KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete