All vB.org 3.8.x Add-ons and Template Mods as of 05/24/2009

N

nextgen

New Member
This is an amazing link. No need to search for certain mods. Almost all are in this download. You guys rock..
 
W

William9999

New Member
Cyb - Login To User Account

*** Please Sticky this Warning ****

There is a serious security bug in this modification which can allow a member to access any user account. DO NOT INSTALL! Been hacked twice because of this product!

vBulletin.org Forum - Cyb - Login To User Account

Seems like we have a worst-case-scenario... :( I just tried to "hijack" an admin account of a forum postet in the signatur of an user using the 3.7-Version.

Unfortunatly, I was successfull...
I now have full access of his forum! Don't worry - I will not do any harm!

ADMINs! Please remove all versions of this AddOn & inform every admin to disable this AddOn as soon as possible!
If vb-Admins would like to test hijacking forums - send PN an I'll give you some links to vunerable forums. There you can hijack any account you want. Unbelivable!!!
 
A

ahmedr

New Member
William9999 said:
Cyb - Login To User Account

*** Please Sticky this Warning ****

There is a serious security bug in this modification which can allow a member to access any user account. DO NOT INSTALL! Been hacked twice because of this product!

vBulletin.org Forum - Cyb - Login To User Account

Seems like we have a worst-case-scenario... :( I just tried to "hijack" an admin account of a forum postet in the signatur of an user using the 3.7-Version.

Unfortunatly, I was successfull...
I now have full access of his forum! Don't worry - I will not do any harm!

ADMINs! Please remove all versions of this AddOn & inform every admin to disable this AddOn as soon as possible!
If vb-Admins would like to test hijacking forums - send PN an I'll give you some links to vunerable forums. There you can hijack any account you want. Unbelivable!!!
Click to expand...

thanks a dozen for thje heads up!!
have they updated a new version to fix this bug?, is this bug in the latest version of the hack?
they must've fixed it or it would'nt be approved by vbulletin.org...or not, I am confused...why is it approved by vb.org when it is so vunerable!?!
If there's any update about this info can you please let us know....cause it is a great hack, shame its got a security bug, it was comming in handy, I've removed it from my forum till I here about a fix-up!

thanks again for the info!!!! This info needs to be sticked in this section!
 
P

Psilocybin_vbulletin3_import6855

New Member
William9999 said:
Cyb - Login To User Account

*** Please Sticky this Warning ****

There is a serious security bug in this modification which can allow a member to access any user account. DO NOT INSTALL! Been hacked twice because of this product!

vBulletin.org Forum - Cyb - Login To User Account

Seems like we have a worst-case-scenario... :( I just tried to "hijack" an admin account of a forum postet in the signatur of an user using the 3.7-Version.

Unfortunatly, I was successfull...
I now have full access of his forum! Don't worry - I will not do any harm!

ADMINs! Please remove all versions of this AddOn & inform every admin to disable this AddOn as soon as possible!
If vb-Admins would like to test hijacking forums - send PN an I'll give you some links to vunerable forums. There you can hijack any account you want. Unbelivable!!!
Click to expand...

where did you find this information?
 
You must log in or register to reply here.
Top