vb.org Archive

Version 3.6.6. | Exploit is out? (https://vborg.vbsupport.ru/showthread.php?t=147303)

dadu911 05-21-2007 02:53 PM

Yea Shazz, what proof do you want? Screenshots of another person logged in as me, the admin?

Site being exploited 3, 4 times. It is not a system issue, it is vB. The hacker is even playing games with me; he has many sites' databases. He exploits them, logs in as admin, gains access to the admincp and creates his backup. He has many ways.

I fully upgraded to 3.6.7 PL1, changed all my passwords. Poof, he does it again.

I was right about 3.6.6. Also check the first post here: I discovered the hole in calendar, 'cause he hacked that too.

Dem3ntedSn1per 05-21-2007 03:33 PM

Quote:

Originally Posted by dadu911 (Post 1252110)
Yea Shazz, what proof do you want? Screenshots of another person logged in as me, the admin?

Site being exploited 3, 4 times. It is not a system issue, it is vB. The hacker is even playing games with me; he has many sites' databases. He exploits them, logs in as admin, gains access to the admincp and creates his backup. He has many ways.

I fully upgraded to 3.6.7 PL1, changed all my passwords. Poof, he does it again.

I was right about 3.6.6. Also check the first post here: I discovered the hole in calendar, 'cause he hacked that too.

Not to seem rude, as I am new to vB. But... I've been running sites for a while now and work for a software developer that produces web-based applications, so I'm not a complete novice when it comes to things like site security. There is no forum software that is 100% hacker-proof, but you seem to care more about trashing vB than you do about actually helping the community protect itself from a potential exploit.

vB has a nice sticky post in their quick tips and customization section called "How To Make My Forums More Secure". If he's continuing to get into your admin cp, there's something going on. Maybe you haven't taken proper steps to secure it, or maybe you have a key logger on your own computer and keep inadvertently giving your passwords to him.

Since you single-handedly identified the calendar exploit before anyone else, maybe you can present evidence of the hole in 3.6.7 PL1 that is causing your site to get hacked instead of just ranting that there's a new, unidentified exploit. :confused:

JamieLee2k 05-21-2007 09:21 PM

Why not change where the admincp folder lies and then just edit the config.php?
If you have issues and know how they are getting in, then get the log files from the FTP and let vBulletin know.

theFAILURE 05-21-2007 09:51 PM

Sounds more like you got keylogged than exploited.

DaReD3ViL 05-21-2007 10:58 PM

This was most likely an XSS exploit.

SCRIPT3R 05-22-2007 01:41 AM

smells like B.S. to me.

smacklan 05-22-2007 01:51 AM

ever heard of .htaccess protection on your directories? ;)

