Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page SQL injection Vulnerabilities
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #1  
Old 05-26-2008, 01:20 AM
GhOsTxX's Avatar
GhOsTxX GhOsTxX is offline
 
Join Date: Mar 2008
Location: New Jersey
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default SQL injection Vulnerabilities
Hello, i was informed by one of my staff members, that my site had 2 SQL injection Vulns, and i was wondering how i could fix this, or how to solve this problem, if anybody would help me, i can provide the links with the SQL injection Vulns, i would prefer the assistance of Moderators or staff here. So please let me know whats going on. thank you
Reply With Quote
  #2  
Old 05-26-2008, 01:47 AM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Are these Vulnerabilities within a modification? If so, please report them using the report post feature and we will verify, quarantine, and notify the author. If they are within vBulletin, please create a private bug report on vBulletin's bug tracker.
Reply With Quote
  #3  
Old 05-26-2008, 02:02 AM
GhOsTxX's Avatar
GhOsTxX GhOsTxX is offline
 
Join Date: Mar 2008
Location: New Jersey
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
actually they are not related to mods, so how can i fix them? and where can i input them in the bug tracker or w/e its called
Reply With Quote
  #4  
Old 05-26-2008, 02:05 AM
SEOvB's Avatar
SEOvB SEOvB is offline
 
Join Date: May 2007
Location: Indianapolis
Posts: 2,451
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
If its vBulletin security holes, you should notify vBulletin.com either in a support ticket or their bug tracker i suppose
Reply With Quote
  #5  
Old 05-26-2008, 02:08 AM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
If they are vBulletin related, head over to vBulletin.com, then to the forums, then click Projects in the navbar, clock on vBulletin, create new bug, mark as private. That will allow the developers to fix it. And we don't suggest announcing these vulnerabilities. But if you would like to PM me the vulnerabilities I will verify and report them for you.
Reply With Quote
  #6  
Old 05-26-2008, 02:09 AM
GhOsTxX's Avatar
GhOsTxX GhOsTxX is offline
 
Join Date: Mar 2008
Location: New Jersey
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
yes, i will do this, but can you fix them for me?
Reply With Quote
  #7  
Old 05-26-2008, 02:10 AM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I should be able to advise you on code changes.
Reply With Quote
  #8  
Old 05-26-2008, 02:12 AM
GhOsTxX's Avatar
GhOsTxX GhOsTxX is offline
 
Join Date: Mar 2008
Location: New Jersey
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
ok, so do i send you the links to the vulns?
Reply With Quote
  #9  
Old 05-26-2008, 02:13 AM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Yes, send them my way.
Reply With Quote
  #10  
Old 05-26-2008, 02:15 AM
dtv100 dtv100 is offline
 
Join Date: Apr 2007
Location: in the south of the north
Posts: 307
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
what version of vbulletin you are using?
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 08:16 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08624 seconds
  • Memory Usage 2,237KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete