Guest Paul M Posted June 16, 2016 Posted June 16, 2016 A security issue has been reported to us that affects vBulletin 4. We have released security patches for vBulletin 4.2.2 & 4.2.3 to account for this vulnerability. The issue could potentially allow attackers to perform SQL Injection attacks via the included Forumrunner add-on. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to the latest version as soon as possible. Please note that you need to update regardless of whether you have Forumrunner enabled. You can download the patch for your version here: http://members.vbulletin.com/patches.php To install the patch, download the appropriate files for your version of vBulletin 4 then upload all files found within the zip file. Make sure to overwrite the existing files on your server. If you're using a version prior to 4.2.2, then you should follow standard upgrade procedures. Patches available: vBulletin 4.2.2 Patch Level 5 vBulletin 4.2.3 Patch Level 1 vBulletin 4.2.4 Beta 2 has been released and includes the fix. Continue reading... Quote
Forum² Admin AWS Posted June 18, 2016 Forum² Admin Posted June 18, 2016 I think this is a patch for the vulnerability that caused a large number of sites to be hacked. Quote IPB Webmaster - For Invision Community Enthusiasts - SEO Help Forum
GTB Posted June 18, 2016 Posted June 18, 2016 I think this is a patch for the vulnerability that caused a large number of sites to be hacked. Yeah, it got released two days after the hacking. They didn't say (credit the person) who reported it by name. So I think same thing. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.