Register Members List Search Today's Posts Mark Forums Read

Thread Tools
Old 04 Aug 2014, 05:01
loua_oz loua_oz is offline
Join Date: Dec 2010
Bogus subscriptionss.php inserted into /forums directory

VB Maintenance detected that there is a file that is not part of VBulletin


I don't know what it does (now I can not have a look into it) but when I redirected to it, the screen I got is attached.

How did they insert it? Anything I can do to prevent it?

VB 4.2.2 Patch 1
Vanilla, not a single plugin
No install directory

Turned my site off until I get on the machine where I can remove the file.
Attached Images
File Type: jpg subscriptionss.jpg (76.0 KB, 13 views)
Reply With Quote
Old 04 Aug 2014, 09:51
AusPhotography's Avatar
AusPhotography AusPhotography is offline
Join Date: Nov 2007
Real name: Rick-owner, Kym-admin
There are other attack vectors such as via insecure hosting

Change all of your passwords ASAP (root, hosting account etc.)
__________________ a.k.a. AP is a photography forum where members share their photography, photo editing skills and techniques. We run regular photographic competitions; Rick (site owner) and Kym (site tech) using this account
*** Home of the AP fully comprehensive vb4 photographic competition management solution ***
Reply With Quote
Old 04 Aug 2014, 10:14
ozzy47's Avatar
ozzy47 ozzy47 is offline
Join Date: Jul 2009
Real name: Chris
Please read the following two blog posts:
Also please see these recent security announcements:
vBulletin 4.1.x-4.2.x & All versions of vBulletin 5:
vBulletin 5.0.x patch released, for a different security issue:
Reply With Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

New To Site? Need Help?

All times are GMT. The time now is 17:46.

Layout Options | Width: Wide Color: