Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ProStats - is it secure?
#3
While this though is generally correct, certain vulnerabilities are dangerous even in the ACP. Recently an user reported that his site was completely hacked and after some researches we pointed out that iShare was used as an injection vector by the hackers who, thanks to an unsanitized upload process, were able to upload a shell script and thus wipe out the entire user's site, not just his MyBB copy.

SQL Injections like this are not dangerous for your site because eventual attackers would have already had access to your admin panel, meaning that they would be able to cause worse damages, definitely.
[Image: fSGNVQj.png]


Messages In This Thread
ProStats - is it secure? - by Paraadox - 2013-11-09, 02:33 PM
RE: ProStats - is it secure? - by Darth Apple - 2013-11-09, 04:06 PM
RE: ProStats - is it secure? - by Shade - 2013-11-09, 07:29 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)