The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vB Journal for vBulletin 3.0.3(v1.0.1) Details »» | |||||||||||||||||||||||||
vB Journal v1.0.1 By Antonbomb22(Anthony Scudese) vB Journal 1.5 Beta 1 is now available, click here. Features:
Version 1.0.1:
Features for later versions:
Demos: Add-Ons(I Will not give support for these because i did not create them):
Side Credits:
Notes:
Support: ~READ FIRST POST COMPLETELY BEFORE POSTING PROBLEMS AND MAKE SURE YOU DID ALL EDITS AND REQUIREMENTS!~ Support may be denied if provided files are edited/modified and support may be stopped at any time due to any circumstances. If you should run into any errors, problems, confusion, or maybe even a suggestion please foward them to one of the following places:
Contents of Zip:
I have also provided several screenshots Please click install If you are missing phrases or blank spaces in the usergroup manager click here. Updates/Fixes:
Supporters / CoAuthors Show Your Support
|
Comments |
#1202
|
||||
|
||||
Quote:
|
#1203
|
||||
|
||||
Quote:
|
#1204
|
|||
|
|||
Hi,
Thank you for your reply. Just wondering if there are any add-ons for vbulletin journal? Also wondering if I can do something in the administrative control panel so that all the journals on my website are public journals? How does one get moods and smilies for vb Journal? Thank you, Widebertha |
#1205
|
||||
|
||||
Urgent Security-Warning This Hack has several severe XSS and SQL-Injection-Vulnerbilities. The author has been informed since 2 weeks, but still hasn't fixed the remaining issues. Therefore I strongly recommend to uninstall this hack in order to keep your Board secure. |
#1206
|
||||
|
||||
Quote:
|
#1207
|
|||
|
|||
Quote:
|
#1208
|
||||
|
||||
Hey guys,
sorry but I do NOT agree with the last 2 postings. VB.org moderators have to warn their members about any possible impact. If this hack has serious problems then I would deinstall it by removing the journal.php file in the first instance. I have the hack installed as well and the first thing I did was to remove the file. In addition Kirby is not responsible to provide any fix for this hack. He is just informing you guys. So do not blame him for informing you because next time he will just sit back and relax to see you struggling with your hacked board. I agree with Kirby that if the author does not react on any message he should inform the people by posting into the appropriate thread and not send a PM. Because a PM will not have the same effect like his posting. If I would be the hack author I would react on the posting rather then on a PM to all users. Summary: Contact the author to create the pressure to fix the security issue(s) and THANK Kirby for informing us. Cheers, |
#1209
|
|||
|
|||
As Kirby already mentioned, the author have been privatly informed about the vulnerabilities in more detail then this public post. He was given time to create a fix without mentioning the risks to public.
Since the risks still exist, it is our duty to inform the users of this hack of the risks. The choice to do this in the public thread was being made since not all that use the hack would have clicked install, and contacting in private would therefor be impossible. |
#1210
|
||||
|
||||
Quote:
One of the reasons we click on install is to allow updates to be sent, users should have been informed in this manner. If the author is unable / unwilling to fix the issues then another user may have been able, before it was made public. BTW - if people install it and don't click install as requested then that is really their fault, as a hack writer, I have little sympathy for them. FYI - this is the second time this has been publically posted in this thread, not the first - and as I said last time - I need to know what the actual problems are since we run a "hacked" version of the hack - so just replacing it with whatever the author provides is not feasible anyway. |
#1211
|
||||
|
||||
@Paul M
Well, if only the users were informed then others (who might not have clicked Install or have not yet installed this) would not know. And I think it's better to know that there are problems, instead of keeping them secret. It's the same with for example Browser security issues: Once they are discovered, the developers are being informed. After a while the information gets made public on Full Disclosure or smth. like this, so users are aware of the problem and can take apropriate action before a patch is available. If they don't do - it'sd their fault But leaving them uninformed increases the risk, as users wouldn't even know that there are problems. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|