It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
VBulletin 3.8.6 FAQ.PHP Flaw Reveals Database SQL Credentials VBulletin 3.8.6 FAQ.PHP Flaw Reveals Database SQL Credentials
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read


VBulletin 3.8.6 FAQ.PHP Flaw Reveals Database SQL Credentials
Reply
 
Thread Tools
Old 23rd July 2010, 16:28   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 82,497
jmke has disabled reputation
Default VBulletin 3.8.6 FAQ.PHP Flaw Reveals Database SQL Credentials


It has come to our attention that a vulnerability on vBulletin 3.8.6
has been discovered. The exploit allows a malicious user to retrieve a
forum’s database credentials via the faq.php script.

If you are running vBulletin 3.8.6, we strongly recommend that you
remove the faq.php script and change your mysql database details as a
precaution.

You can find faq.php in your vBulletin installation directory:
*/vbroot/faq.php
http://blog.sucuri.net/2010/07/vulne...tin-3-8-6.html
__________________
jmke is offline   Reply With Quote
Reply

« Corsair AX1200 PSU | OCZ Fatal1ty 750w Power Supply Preview »

Similar Threads
Thread Thread Starter Forum Replies Last Post
INQ: Oracle database has more holes than SQL Mr Robot Portable Storage, Games, Consoles, Laptops, Phones, Multimedia and Gadget News 0 28th November 2006 09:11

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 01:39.

Contact Us - Madshrimps - Top

Powered by vBulletin® - Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO