Wednesday, May 25, 2011

Security Alert: vBulletin 4.X vulnerable to SQL Injection & CSRF/XSRF Exploits!



Two Serious Security Flaws are detected in vBulletin 4.X Versions and also their Security SQL Injection & CSRF/XSRF Exploits are now also available.

Impact of these Flaws:
Lots of big Forums are on vBulletin 4.X version and these Forums can be hacker easily using the exploits by any hacker. We would like to Request Admins to Patch their Forums as soon as possible.


vBulletin 4.X Security Patch
http://www.vbulletin.com/forum/showthread.php/376995-vBulletin-4.X-Security-Patch?AID=804495&PID=564936

Exploits are available at
SQL Injection : http://www.1337day.com/exploits/16147
CSRF/XSRF : http://www.1337day.com/exploits/16160

No comments:

Post a Comment