The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
SQL injection Vulnerabilities
Hello, i was informed by one of my staff members, that my site had 2 SQL injection Vulns, and i was wondering how i could fix this, or how to solve this problem, if anybody would help me, i can provide the links with the SQL injection Vulns, i would prefer the assistance of Moderators or staff here. So please let me know whats going on. thank you
|
#2
|
||||
|
||||
Are these Vulnerabilities within a modification? If so, please report them using the report post feature and we will verify, quarantine, and notify the author. If they are within vBulletin, please create a private bug report on vBulletin's bug tracker.
|
#3
|
||||
|
||||
actually they are not related to mods, so how can i fix them? and where can i input them in the bug tracker or w/e its called
|
#4
|
||||
|
||||
If its vBulletin security holes, you should notify vBulletin.com either in a support ticket or their bug tracker i suppose
|
#5
|
||||
|
||||
If they are vBulletin related, head over to vBulletin.com, then to the forums, then click Projects in the navbar, clock on vBulletin, create new bug, mark as private. That will allow the developers to fix it. And we don't suggest announcing these vulnerabilities. But if you would like to PM me the vulnerabilities I will verify and report them for you.
|
#6
|
||||
|
||||
yes, i will do this, but can you fix them for me?
|
#7
|
||||
|
||||
I should be able to advise you on code changes.
|
#8
|
||||
|
||||
ok, so do i send you the links to the vulns?
|
#9
|
||||
|
||||
Yes, send them my way.
|
#10
|
|||
|
|||
what version of vbulletin you are using?
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|