vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin.org Site Feedback (https://vborg.vbsupport.ru/forumdisplay.php?f=7)
-   -   Reporting a vulnerability in a no longer supported modification (https://vborg.vbsupport.ru/showthread.php?t=319459)

jh1711 07-13-2015 04:17 PM
Reporting a vulnerability in a no longer supported modification
 
Hello Guys,

I have the following dilemma. I'm reasonably certain that a modification hosted on vbulletin.org is vulnerable to an SQL injection. I don't have a vB license atm., and can't verify if the latest version is vulnerable. But the mod hasn't been updated in years; I'd bet it still is vulnerable.

Any advice on how I can inform the people using the mod about the problem is appreciated.

Thank you

kh99 07-13-2015 04:24 PM
Are you able to use the report button? If so, use that and tell us what you think the problem is (and what version you have, if you know).

jh1711 07-13-2015 04:35 PM
Yes.

Let me know if the information wasn't enough. The hook code isn't long.

Edit: I think I need to use a second report to give more details. Gonna take a few minutes.


All times are GMT. The time now is 01:48 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02951 seconds
  • Memory Usage 1,703KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete