Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page why does member become to admin/mod???
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-25-2007, 08:26 AM
macarong macarong is offline
 
Join Date: Nov 2006
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default why does member become to admin/mod???
Nearly we detect a member can edit himself to Mod and then edit to administrator (2 days ago)???? I don't know why, because in control panel log only display action is edit user.

I thinks vbu 3.6.4 have a bug very important, and i want in new upgrade version will save who login (admincp/index.php at login step) in control panel log. And Maintenance Section (in admincp) will disable, will enable when have permit in config.php.

Thanks
Reply With Quote
  #2  
Old 02-25-2007, 11:24 AM
rjmjr69's Avatar
rjmjr69 rjmjr69 is offline
 
Join Date: Jan 2007
Location: Southie
Posts: 876
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Doesnt happen to me with 3.6.4
Reply With Quote
  #3  
Old 02-25-2007, 11:29 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Either the member has access to your server, or you have a modification installed that is exploitable.
Reply With Quote
  #4  
Old 02-25-2007, 06:47 PM
SCRIPT3R SCRIPT3R is offline
 
Join Date: Jan 2005
Posts: 1,303
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
simple... your Administrative usergroups are joinable by anyone. I just registered and made myself an Administrator in 5 seconds. here's some screenshots... feel free to remove/edit my account accordingly after you fix this. in your AdminCP, make sure your administrative usergroups are not public joinable groups.
Attached Images
File Type: jpg 1.jpg (60.6 KB, 0 views)
File Type: jpg 2.jpg (75.7 KB, 0 views)
Reply With Quote
  #5  
Old 02-25-2007, 07:03 PM
rjmjr69's Avatar
rjmjr69 rjmjr69 is offline
 
Join Date: Jan 2007
Location: Southie
Posts: 876
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
WOW you better change that QUICKLY... since your in there bro you should have secured it for him
Reply With Quote
  #6  
Old 02-25-2007, 07:33 PM
SCRIPT3R SCRIPT3R is offline
 
Join Date: Jan 2005
Posts: 1,303
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by rjmjr69 View Post
WOW you better change that QUICKLY... since your in there bro you should have secured it for him
i tried, but he doesn't give of his administrative accounts access to the Users menu.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 10:49 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03691 seconds
  • Memory Usage 2,225KB
  • Queries Executed 14 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (6)post_thanks_box
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (6)post_thanks_postbit_info
  • (6)postbit
  • (2)postbit_attachment
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • postbit_attachment
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete