A webmaster forum specifically catering for Australian site owners. We discuss site development, marketing and management issues.
Please welcome our newest member, mmmmmu!
Spice up your web site with the ultimate community message board solution!
Fake Id'sGet fake Id's made right now!
vBSEOSearch Engine Optimization for your VBulletin Forum.
AdminFusion
»
[MyBB News] Regarding the "Debug mode, change users password" Vulnerability
| | #1 |
| | |||||
| Title: Apprentice Join Date: Sep 2005 Posts: 443 ![]() | Hi, It has come to our attention that users have discovered what they believe to be a vulnerability in MyBB with the lost password functionality and debug mode. We want to make it clear this is not a vulnerability in MyBB and has hugely been miss-reported and identified by "HACKERS PAL" the group who "discovered it". The supposed vulnerability states that using the MyBB debug mode users can see the challenge code we save in the database for password resets and this can then be used to change the password of a user. Lets look at the facts:
If for some reason you do have the debug mode functionality accessible to the public (either by a code modification yourself or someone else) then we recommend you disable it. More... | ||||
| |
![]() |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Getting Site User Feedback | shellspeare | Handling Problem Members | 2 | 03-09-2006 08:34 PM |
