Club PA 2.0 has arrived! If you'd like to access some extra PA content and help support the forums, check it out at patreon.com/ClubPA
The image size limit has been raised to 1mb! Anything larger than that should be linked to. This is a HARD limit, please do not abuse it.
Our new Indie Games subforum is now open for business in G&T. Go and check it out, you might land a code for a free game. If you're developing an indie game and want to post about it, follow these directions. If you don't, he'll break your legs! Hahaha! Seriously though.
Our rules have been updated and given their own forum. Go and look at them! They are nice, and there may be new ones that you didn't know about! Hooray for rules! Hooray for The System! Hooray for Conforming!

CVE-2013-3527 - Vanilla Forums SQL injection vulnerability

Just a kindly heads up about an SQL injection vulnerability that may affect these forums (Vanilla Forums before 2.0.18.8 are affected). I'm confident you mod-types are on the ball, but figured since I randomly saw this I might as well post about it.

Vanilla Forums 2.0.18 SQL-Injection / Insert arbitrary user & dump usertable
Security Update: Vanilla 2.0.18.8

<3

Posts

  • IcyLiquidIcyLiquid Two Steaks Montreal, QuebecAdministrator, Vanilla Staff vanilla
    Thanks for keeping your eye on the ball @immortal squish, but 2.0.18 is more than a year old. These forums were actually never on the 2.0 branch as far as I'm aware.

    In fact, we're scheduled to go to 2.2 sometime this month :)

Sign In or Register to comment.