Bug Site compromised

[Fgt]

Hello, my site was recently hacked.

I believe it was because of my vBShout version. I've already cleared out the site and upgraded pretty much everything that needed to be upgraded, but I had a question regarding how the users hacked the website. If someone could shed some light on how they did it (I had version 6.0.2) I could possibly use that to know how fatal the breach was.

 

[Fillip H.]

Could you shed some light on why you believe it was vBShout?

 

[Fgt]

Could you shed some light on why you believe it was vBShout?

There were access logs of people visiting weird URLs with vbshout.php, I would just like to know what exploits existed in 6.0.2 in order to figure out what potential damage I might not have "patched".

 

[Fillip H.]

According to a search in the News forum for "security vbshout" the following threads would be relevant:

http://www.dragonbyte-tech.com/f77/vbshout-v6-0-4-security-release-6831/?highlight=Security+vbshout
http://www.dragonbyte-tech.com/f77/vbshout-v6-0-7-security-release-6886/?highlight=Security+vbshout
http://www.dragonbyte-tech.com/f77/security-hotfix-vbshout-v6-0-8-a-9024/?highlight=Security+vbshout

I can't tell you anything more regarding the severity beyond what's in those threads, as I don't know.

You should always always be up to date with your software, Windows and DBTech alike. We have a free Modification Version Checker that can tell you when your mods are out of date, supported by all DBTech mods and many others