Hacked

Yesterday, I immediately carried out the code changes in the recent security announcement, but this morning I have a zillion DB errors in my inbox and my links are red. I have trawled through a ton of pages in the announcement thread but still no fix. And that thread is closed

Can someone please post a simple idiots guide to fixing this exploit or at least open the thread. Thanks

oh got the same. i don't know why, but after few times i disable and enable vbseo, everything went fine again

so, what i noticed, the color of links caused by css of database error that appears in the bottom

error was this:
Database error in vBulletin 3.8.7:

Invalid SQL:
SELECT * FROM vb_datastore WHERE title='pluginlist';


hope to hear something from vbseo staff

I disabled VBSEO to check that it was this mod causing the problems, and the forums worked fine, then reenabling VBSEO seemed to make everything good, no more errors and no more red links. I feel this is a just an interim fix and its not over yet, but if you have not disabled/enabled VBSEO yet, give it a go.

Please try re-importing the vbseo product XML file into the adminCP. This should flush out any bad code in any of the vbseo plugins and refresh the datastore.

I have the same issue
I used vbseo_checkplugins.php (ver 2) and it found something in datastore plugin
Then I followed with the fix and actually I don't get database errors

but

how can VBSEO 3.3 users patch this? I don't have /vbseo/includes/functions_vbseocp_abstract.php

in the announcement section VBSeo staff explains that the exploit is related to this
<script type="text/javascript" src="http://www.vbseo.com/info/vbseo_checkver.js?ver=<?php echo

so I did remove that line from my vbseocp.php

So actually:
1) I did run vbseo_checkplugins2 and fixed a datastore plugin
2) removed <script type="text/javascript" src="http://www.vbseo.com/info/vbseo_checkver.js?ver=<?php echo

Anythingelse I need to do? I'm using VBSeo 3.3.2
Please help

You should upgrade to latest stable vBSEO version.

Additionally you should not remove that line.

OK but I don't understand:
VBSEO provided a patch for versions 3.5 and 3.6

I have VBSeo 3.3.2, I suppose that I need to change something, to patch something, to close the vulnerability
otherwise someone can use the same vulnerability again

So, what I need to do for patching the vulnerability on VBSeo 3.3.2?

Moreover I can't update actually because I have a modded version (even if we didn't change the main part of the code)

vBSEO 3.3.2 does not have the vulnerability

there's something I can't undestand.
This morning I wake up with tons of mails pointing out this problem:
Invalid SQL:
SELECT * FROM vb_datastore WHERE title='pluginlist';

I did google a bit and I found that there was a security issue with VBSeo

I did use vbseo_checkplugins2 and it foud something wrong in datastore plugin

And I'm not affected by the vulnerability?

You need to run vbseo_checkpluins2 and reset your datastore

Originally Posted by menbi

I have the same issue
I used vbseo_checkplugins.php (ver 2) and it found something in datastore plugin
Then I followed with the fix and actually I don't get database errors

but

how can VBSEO 3.3 users patch this? I don't have /vbseo/includes/functions_vbseocp_abstract.php

This is the same issue I have. I am running 3.3.2 and I don't have that file either, but I was also hit with the same hack.

I disabled / re-enabled VBSeo and I am still getting the errors, albeit intermittently. I'd like to just completely uninstall VBSeo but I'm not sure how to do that without dorking anything up.

Originally Posted by Mert Gökçeimam

You need to run vbseo_checkpluins2 and reset your datastore

I ran the checkplugins with no response.

How do I reset the datastore?