XVideoSharing - important security notice

Message
Author
mxhology
Posts: 3
Joined: Apr 02, 2012 8:00 am

important security notice

#1 Postby mxhology » May 24, 2017 10:19 pm

Hello dear,

recently many XVS website was hacked all using XVS script.
the last one Flashx.tv that happend today, redbunker, youwatch, exashare... and much more.

you have any idea how this happend ?

Regards

mxhology
Posts: 3
Joined: Apr 02, 2012 8:00 am

Re: important security notice

#2 Postby mxhology » May 25, 2017 12:07 am

other host lost just now speedvid...
that is really critical and sibsoft not aware about this problem till now.

we are waiting for fix and investigation how they hack XVS !

admin
Site Admin
Posts: 1839
Joined: Mar 22, 2006 12:32 pm

Re: important security notice

#3 Postby admin » May 27, 2017 2:35 am

No one of these site owners contacted us about anything like that.

AnonymousUser
Posts: 1
Joined: Jun 09, 2017 10:22 pm

Re: important security notice

#4 Postby AnonymousUser » Jun 09, 2017 10:29 pm

Here are some information about the Security Vulnerability, which we (Partner) got from an FlashX:

"...security vulnerability in the Sibsoft streamscript... We, our hoster, our coder and a lot of other people secured everything in the last weeks. All security gaps from the software of Sibsoft are removed! It was unfortunately not our fault. We are victims in this case! By the way: Every website with Sibsoft is vulnerable !!... It was possible for attackers to delete the fileservers and delete the files...The attacker had !!no access!! to the database, only file servers were affected)... We are very much affected, sour, sad and angry."

If you take a look at the code from the streaming script, you should not be surprised. It is absolutely terrible: uncommitted, dirty, no programming paradigm used like e.g. OOP, wrong English terms, confusing, Wrong HTML standard, Websites based on extremely old-school HTML tables (!), no correct documentation and no naming convention like CamelCase.

FlashX lost over 3PB, maybe you should contact them to get more information. It is your software product and it is your job to protect your customers (!).

Xenus
Posts: 10
Joined: May 23, 2013 7:40 pm

Re: important security notice

#5 Postby Xenus » Jun 09, 2017 10:39 pm

AnonymousUser wrote:By the way: Every website with Sibsoft is vulnerable !!...
:( :cry: :( :cry:

Admin, did you tried to contact them to find out the vulnerabilities?
We are are very worried about this.

tendea
Posts: 71
Joined: Feb 28, 2013 9:59 pm

Re: important security notice

#6 Postby tendea » Jun 10, 2017 8:30 am

admin please let us know if there is some bug

User avatar
PilgrimX182
Posts: 2186
Joined: Mar 22, 2006 1:39 pm

Re: important security notice

#7 Postby PilgrimX182 » Jun 13, 2017 10:04 am

Some sites had vulnerabiliries that were used by hackers to delete files on few file servers. These holes were detected already.
You can create support ticket if you need us to check/fix your script version.