Hello, users of GovTeen. This message is aimed towards the administration team but feel free to read along.
Your arcades plugin is a faulty excuse of a plugin. I would remove it and add another arcade system. ibProArcade has said numerous times that the SQL injection exploit through their plugin has been patched. Yet only recently have I pentested a forum running the exact same software, same plugin, and got the message, showing the Administrator user and hash password. Note that hackers can crack the hash password and log into your Administrator account and cause serious damage, including uploading a shell, defacing the forum, and even ripping the forum's user database.
I would change this plugin. Thanks for reading.
Your arcades plugin is a faulty excuse of a plugin. I would remove it and add another arcade system. ibProArcade has said numerous times that the SQL injection exploit through their plugin has been patched. Yet only recently have I pentested a forum running the exact same software, same plugin, and got the message, showing the Administrator user and hash password. Note that hackers can crack the hash password and log into your Administrator account and cause serious damage, including uploading a shell, defacing the forum, and even ripping the forum's user database.
I would change this plugin. Thanks for reading.