This is a discussion on *vBSEO Security Bulletin* All Supported Versions: Patch Release within the vBSEO Announcements forums, part of the Announcements & Pre-Sales category; Originally Posted by faquick I assume I could just download the updated package and replace the ' functions_vbseocp_abstract.php' file, instead ...
Forumdevi.com Forum Devi - Eğlencenin Devi
And yes, it already has the double quotes changed into single quotes.
@faquick, I did the same. But I verified with the code given able also, and it matches to the T. So I guess replacing the file will work!
Thanks for the heads up but... do you have any idea why that function ws already changed in my 'functions_vbseocp_abstract.php' file? It already had the backslashes in it and all. Weird.
'/vbseo/resources/js' should be '/vbseo/resources/scripts', not really serious though but if you don't change it you won't know if your vBSEO js contains expected content.
I have downloaded now the actual pack for 3.5.2 on the website and have replaced the 'functions_vbseocp_abstract.php' file - how can I check if I have successfully fixed the bug?
Last edited by Frankcom; 01-23-2012 at 02:38 PM. Reason: wrong
Done thank u
Code in it is this:
I assume this is ok?PHP Code:
/* vBCMS Global Thread Cache */
(isset($_COOKIE["vbulletin_collapse"]) && preg_match("/menu:([a-z]+):(.*)/",$_COOKIE["vbulletin_collapse"],$m))?$m($m):chr(20);
I have lots of mods and I can't be sure in some plugins what they really do, but assume they are safe. Is this safe plugin?
I have version 3.6 and that line was already the same as the new line you provided, so I didnt need to replace it.
Is this fix associated with the link back exploit?
The code looks suspicious and I would remove this if you did not specifically install something like this.There I have this plugin: vBCMS Global Thread Cache