This section is an archive with no posting allowed. The software represented in this forum is no longer supported or updated. If you need help upgrading to a newer version of vBulletin please open a support ticket. You can also post in the section supporting the upgrade version you're planning to use.
We are sorry for any inconvenience this may cause.
Welcome to the vBulletin support forums! In our community forums you can receive professional support and assistance with any issues you might have with your vBulletin Products.
Could not find a thread about it here yet - from this thread at vBGermany. What about the exploit posted at Security Focus (http://www.securityfocus.com/archive/1/492290)? For me, the example query at least generates a database error (which then triggers an email) - so at least this should be fixed. Any word from a developer? What Martin said in that thread on securityfocus.com doenst seem to be completely true.
€: For those who do not speak german: It can't be exploited, nothing more than the database error. Replace the code from the first code with that from the second.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X
We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.
By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also consent to the transfer of your data to our servers in the United States, where data protection laws may be different from those in your country.
Tweet
![zCarot [RU]](./core/custompics/avatar/thumbs/avatar145151_8.gif "zCarot [RU]"){kind=avatar}
Comment