Wednesday, May 25, 2011
Security Alert: vBulletin 4.X vulnerable to SQL Injection & CSRF/XSRF Exploits!
Two Serious Security Flaws are detected in vBulletin 4.X Versions and also their Security SQL Injection & CSRF/XSRF Exploits are now also available.
Impact of these Flaws:
Lots of big Forums are on vBulletin 4.X version and these Forums can be hacker easily using the exploits by any hacker. We would like to Request Admins to Patch their Forums as soon as possible.
vBulletin 4.X Security Patch
Exploits are available at
SQL Injection : http://www.1337day.com/exploits/16147
CSRF/XSRF : http://www.1337day.com/exploits/16160