VBulletin 3.8.6 FAQ.PHP Flaw Reveals Database SQL Credentials

@ 2010/07/23


It has come to our attention that a vulnerability on vBulletin 3.8.6
has been discovered. The exploit allows a malicious user to retrieve a
forum’s database credentials via the faq.php script.

If you are running vBulletin 3.8.6, we strongly recommend that you
remove the faq.php script and change your mysql database details as a
precaution.

You can find faq.php in your vBulletin installation directory:
*/vbroot/faq.php

No comments available.

 

 

Copyright © 2001-2011 Madshrimps, All rights reserved.
Graphic Design by Dennis Kestelle, Programming by Maarten Menten, Overall Site design by John Meys

All information and graphics contained in Madshrimps are sole property of the Madshrimps crew and may not be reproduced or copied in any manner without written permission from us.

Madshrimps