Heh sorry I wasnt really clear with that was I?

I have two account with my hosting service and through phpmyadmin I was able to edit my user account so that I was a admin and or mod.

There is nothing VB can really do about that.


So no version is really secure ;)

This is a problem with your phpMyAdmin password and/or hosting service. Of course if anyone gains direct access to the database they can do pretty much anything they want.

Actually I have seen this problem with many hosting companies. Many of them are to lazy to make anything totally secure... like being able to gain root access.

I told them about it but they yelled at me and said I shouldnt be hacking....which makes sence but what is a "real" hacker comes along? o_O

Geez! Find yourself another hosting company fast!

OK I've heard things previously about someone coming to the forum and finding themselves logged in as another member.
Is it possible this person could have turned up to the forum and found himself logged in as a moderator because of his IP at teh time?

HEH this forum was just hacked and I believe it runs 2.2.7

http://www.animehorizons.com/forums/index.php?s=

the site too ^

That entire site was hacked as DrkFusion points out. There is no way vB can protect itself from a hacked server.

... and adding hacks to your forum makes it much less secure. This is something that is overlooked by most. Turning register_globals off helps alot since that will solve most cases of sql injection and always use intval() and addslashes().

Note that if you're on a shared server, you are basically in a lot of trouble. Dedicated servers tend to be more secure, for obvious reasons. Yeah, and do check the code of hacks you install. :) Some of holes larger than the black hole in the centre of this galaxy. I won't mention names... but some of these hacks have been installed by a lot of people.