No announcement yet.

Hack attempt? subscriptions/authorize.php

  • Filter
  • Time
  • Show
Clear All
new posts

  • Hack attempt? subscriptions/authorize.php

    I am getting some MySQL errors since last night. The request seems to be from the same IP.

    Database error in vBulletin 3.0.3:
    Invalid SQL: SELECT userid, languageid, styleid FROM user WHERE userid = 1 and ord(substring(password, 26,1))=
    mysql error: You have an error in your SQL syntax.  Check the manual that corresponds to your MySQL server version for the
    right syntax to use near '' at line 1
    mysql error number: 1064
    Date: Monday 20th of September 2004 12:19:47 PM
    Apache log shows: - - [20/Sep/2004:12:21:47 +1000] "POST /subscriptions/authorize.php HTTP/1.1" 200 0 "-" "libwww-perl/5.64"

    The SQL contains userid = 1 worries me. It seems that is the only page that IP accesses. It has come around twice now in the last 24 hours (12 hours apart).

    Is this a bad guy/script? or just a broken crawler?

  • #2

    It has come to our attention that a problem exists with the code used to run paid subscriptions when using as the payment manager.

    The problem is minor and difficult to exploit, but we have updated the vBulletin 3.0.3 package in the members' area with updated code.

    If you are already running vBulletin 3.0.3, you need only download the authorize.php file attached to this message and upload it to your 'subscriptions' directory on your server.


    • #3
      Thanks for the quick reply.

      I have deleted this file. That should let the script to give up.


      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.