What's new at Valcato HQ

vBulletin Security Flaw

July 22, 2010, Written by 0 comment

A serious security flaw has been discovered in version 3.8.6 of the popular forum software vBulletin. The flaw enables anyone to easily access the main administrator username and password for a site. And could potentially allow hackers to access data, such as e-mail addresses, and edit the site at will.

We could therefore strongly encourage customers who are running version 3.8.6 to immediately apply the patch provided by vBulletin with the version number 3.8.6 PL1

BBC News reports:

The flaw affects version 3.8.6 of the software, which was released on 13 July.
The simple hack, which the BBC has confirmed, allows even unskilled people to access many websites.

With a few key strokes the person can obtain the administrator’s username and password for the website. This can be used to log in to the site and modify and delete elements at will.


Leave a reply

Your email address will not be published. Required fields are marked *

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.