Announcement

Collapse
No announcement yet.

yea!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • yea!

    http://www.milw0rm.com/video/watch.php?id=30

    cool video, made during 3.6 beta testing stages

  • #2
    That's an old video and no customers have been affected I believe. We've already fixed the problem on our site a while ago.

    Comment


    • #3
      wow.. never knew that. glad vbulletin fixed it though.

      Comment


      • #4
        It only effects nullified copies of vBulletin ontop of everything else.

        Comment


        • #5
          That's a cool demonstration, but it's not limited to being used on the old vBulletin.

          Comment


          • #6
            Its only limited to users who have nulled thier viersions. If you have a legal copy it cannot even be exploited.

            Comment


            • #7
              Oh, sorry. I meant not vBulletin period. Other script-based web applications can be exploited too.

              Comment


              • #8
                Yes, XSS isn't limited to our web site ;p

                Comment


                • #9
                  what does nulled mean ?

                  Comment


                  • #10
                    nulled is when the ligitimate check is taken out when it updates back to vb.com and says current ver is 3.x you take out that check it nulls the vb (could or couldnt be ligit site doing it for various reasons) but most of the time its people using it on pirated boards (pirating vb software)

                    Comment


                    • #11
                      Originally posted by infexious View Post
                      what does nulled mean ?
                      Pirated copy (not paid for)

                      Comment


                      • #12
                        Null means lame. If they're pirating anything they deserve to be hacked.

                        Comment


                        • #13
                          Downside of running a nullified release (where the customer number etc has been stripped from the software) is that anybody can enter the install or upgrade script (it doens't ask anymore for auth.)

                          Just another downside of running a warez copy.

                          Comment

                          Related Topics

                          Collapse

                          Working...
                          X