Scroll Top

vBulletin vulnerability discovered

October 14, 2013

vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector.

vBulletin is currently positioned 4th in the list of installed CMS sites on the Internet. Hence, the threat potential is huge.

Although vBulletin has not disclosed the root cause of the vulnerability or its impact, we determined the attacker’s methods. The identified vulnerability allows an attacker to abuse the vBulletin configuration mechanism in order to create a secondary administrative account. Once the attacker creates the account, they will have full control over the exploited vBulletin application, and subsequently the supported site.

Full Article

Join Our Online Security and Hosting Newsletter Today

and stay updated with the latest news, updates, releases & much more.
Subscribe
SUBSCRIBE NOW
We respect your privacy.

Related Posts

vBulletin active exploit

We have been trying to validate a possible 0day in vBulletin. While we do not have definitive proof that one exists at this time, we decided to send out a alert to be on the safe side. Various forums have taken their sites down until further notice, if you…

17 Nov 2013

Join Our Online Security and Hosting Newsletter Today

and stay updated with the latest news, updates, releases & much more.
Subscribe
SUBSCRIBE NOW
We respect your privacy.
close-link
Our website uses cookies from third party services to improve your browsing experience. Read more about this and how you can control cookies by clicking "Privacy Preferences".
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our privacy policy
Required
Privacy Policy Cookies Policy