vBulletin Security

[Bala]

Is VB worth spending 120$? Especially as VB 4 has quite a few unpatched vulnerability. I would pay about 90$ for the community suite, whole thing blog and forum and pay about 60$ for forum with forumrunner.

 

[VICE]

Especially as VB 4 has quite a few unpatched vulnerability.

What are those?

All vulnerabilities has been patched so far.

Please don't spread false rumors.

 

[Bala]

Well if you did not know a few still do exist. I can confirm one XSS as I and my friend were the one to find it and report it on XDA. Ubuntu got hacked, XDA hacked most VB 4.XX forums are facing the heat. Its better to go VB5.

 

[VICE]

Well if you did not know a few still do exist. I can confirm one XSS as I and my friend were the one to find it and report it on XDA. Ubuntu got hacked, XDA hacked most VB 4.XX forums are facing the heat. Its better to go VB5.

Either you're out of date, speaking nonsenses or have found new exploits.

In case of the last, feel free to report them as I would like to know as well.

The XSS exploits has been patched in 4.2.2.

As for other rumors, none has been definitely proven so far.

 

[Bala]

Well they are new ones mate. I know Vbulletin did fix quite a few vulnerabilities in 4.2.2 but give its record I wont trust it. Nothing against VB but I found these issue when I was considering moving to VB, so currently waiting for someone to post a 5X license. And the trend has been bad for VB most customers especially smaller ones are going to XF.

 

[Dan]

Split this off to a new thread.

 

[VICE]

Well they are new ones mate.

Evidences?

 

[Andrej]

To be honest, vBulletin is no longer worth it. vBulletin 5 is awful. Choice IPS or XenForo, you will not be disappointed.

 

[Mrchris]

Vbulletin is as secure as you make it. the main reason most of hacks commonly happen is due to flaws in the plugins and weak passwords. If you routinely take backups and make different passwords per social accounts you should be fine. I would say vb is worth the money if you think about the time, effort, dedication put into that.

 

[Stijl]

Vbulletin is as secure as you make it. the main reason most of hacks commonly happen is due to flaws in the plugins and weak passwords. If you routinely take backups and make different passwords per social accounts you should be fine. I would say vb is worth the money if you think about the time, effort, dedication put into that.

Totally agree, any software can be compromised if your install is a target. vB legacy products we're written and supported well, vB 5 is still a toddler and will improve with time. There are many communities still running vB 3.X and those community members would not have it any other way. the 4.X series is great for those "publishing" type of communities, I Personally I really like the 3.X version best with the only down side being not terribly mobile friendly without third party add ons and lack of spam control.