Start ‘Splaining

I want answers and I want them now. This is completely and utterly ridiculous. Absurd. A complete farce.

Never have I ever been so concern than I was two days ago. After watching this ridiculous security flaw unfold, and talking it over with Chronos, he made a strong point. HOW THE !@#$%& DO YOU SCREW UP A STABLE PLATFORM LIKE VBULLETIN 3.8?!?!!

We’ve had our fair share of vulnerabilities when vBulletin was under Jelsoft. They varied from Cross Site Request Forgeries, Cross Site Scripting Vulnerabilities and SQL Injections. NEVER EVER had I ever seen a vulnerability as bad as the one introduced by Internet Brands. A vulnerability that could potentially expose your SQL Username, SQL Password, SQL Server and SQL Port information? My God!

Vulnerabilities were at least contained strictly to the application itself, but now it has completely spread beyond the application and allowing script kiddies direct access into people’s database server.

I find that extremely unsettling. To err is human, to screw up a stable version of vBulletin requires Internet Brands.

  • http://www.vbtruth.com Mass Exodus

    If any potential vBulletin customer is interested in buying a license, copies of vB 3 and 4 are being sold on the open market at 50% off the price new. The number of people dumping vBulletin as a forum software is soaring. You might not be able to read the customer forums but I’ve never seen anything so horrendous in a company site. The employees there have been silent for at least a week, letting the customers just go to town and rip the company. Someone should start a list of Internet Brand owned forums to boycott. Perhaps this is the place to do it.