My Forum running vBulletin 5.0.3 got hacked yesterday

Did you take a look at the announcement section? There is a security issue (just raised) about the install directory. Hope this helps unless it's something new/different.

Was there an email about the security issue? I only just realized it now and deleted the folder.

No, I don't remember any e-mail.

No email has been sent, but there has been a notice pushed to the Admin CP, and an announcement and notice here on the support forums.

Nope, no email whatsoever.

i received the notice in my admin panel....pretty much the instant it was announced

No e-mail. Eventually, it will appear as a bullet point buried at the bottom of a marketing newsletter.

An email has been sent about both issues now.



Please read the following two blog posts:




Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions

@Zachery
I see youve been actively helping people with those two links but please be advised that is is not only your /install folder that is causing this. There is something else as well and I can say this with conviction because two of my forums got hacked one was defaced with hacked by frozen heart crap written all over and a pakistan flag as favicon and what not and other there were two ids created "admin" both of them and I happened to be online at the time so sorted it but I do not have the /install folder on either of them and if you say those admin ids were created before I deleted the install folder then I disagree with you because I was online when those ids were created and the install folders were delete right after upgrades. I never keep the install folder on any of my vbulletin installations since 2008 as I felt they were not needed. These two forums were on different servers managed by two different companies (PSM and syslint) and they are both reputed companies when it comes to managing security.

I appreciate your company's efforts on this issue but your solution is not working. Also I dont like the fact that you closed my thread without letting me reply to it for a reson that is beyond my understanding.

Censorship is the best way to make IB's agenda seem positive
Also did the permissions get reset, I didn't think non-vb5 customers could post in here.

i think there's still hope for vBulletin to raise again . but it should truly understand what the new world seeks and bury the old thoughts about a good community software , and invest a lot to stop the death of vBulletin happening.