2015-08-25, 03:06 AM
(This post was last modified: 2016-02-04, 09:43 PM by User 95587.)
Now i'm not sure how this happened nor how it can be fixed. Yesterday I got on my forums with people complaining that they were hacked. I banned those accounts, and they contacted me saying that they were done messing around, although I cant have an exploit like this just possible. The hackers claimed what they did was a SQL Injection, which allowed them to get the logins for the accounts, and they also claimed that it was impossible to fix. I want to not believe that, although they could be correct. So with that said, is it possible to fix this "SQL Injection"? My friend claimed that it was something to do with vulnerable plugins, so I put together a list of plugins that I have on the mybb site. Click here to see my plugins. This might be asking a bit much, but this is really serious for the health of my community, and I feel that it should not be this easy to just get into a mybb account.
This might have been what was used to get into the site.
Regards,
Xenonzo
This might have been what was used to get into the site.
Regards,
Xenonzo