|
Prelude to 2.2.9 - very important security fix!
All vBulletin versions from 2.0.0 to 2.2.8 have a cross-scripting security loophole that allows people to get member's usernames and passwords off your forum by doing something quite simple.
A fix is provided while the vB team organizes version 2.2.9 - Read about it here: http://www.vbulletin.com/forum/showt...threadid=57025 John posted a replacement global.php in vB.com's announcement forum, but PPN posted a more updated global.php at the bottom of this page: http://www.vbulletin.com/forum/showt...5&pagenumber=5 Do upgrade to protect the security of your site. A friendly reminder post for vB admins. :) |
thanks for posting it here ;)
|
Thanks:)
Satan |
Thanks
- miSt |
Yup.. it was fun playing with that.
|
Quote:
_Arunan |
^ me too :(
- miSt |
:cry:
-Arunan |
tell me bout it ^
I was well upset.. - miSt |
Lol...
Satan |
when will the madness end? ;) I guess this means the end of the line for the ver 2 series since 2.2.9 will be coming out, eh? vB 3 here we come. LOL
|
Quote:
|
So, what's next ver 2.2.9.1 ? LOL
|
Quote:
|
I was able to get all my users passwords from it ;)
|
For those who have hacked your global.php, and want to manually upgrade your global.php (this is the global.php in your FORUMS directory, not the admin one):
Follow the instructions in this post: http://www.vbulletin.com/forum/showt...467#post363467 |
Quote:
|
*runs off crying* at the lack of knowledge :(
- miSt |
| All times are GMT. The time now is 07:56 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|