vBulletin is a publishing suite that allows users to create and publish a variety of content, including: forums, blogs, and polls.
If you currently use an older version of
vBulletin
on your website, you might be opening up your site to an attack as
some serious security vulnerabilities, which allows hackers to access
your hosting admin panel.
Two Indian Hackers, going by virtual name
Ne0-h4ck3r
&
Google-warri0r
has developed an exploit of known
vBulletin
vulnerability, that can be used to add a user remotely to
vBulletin
customer panel with admin privileges.
According to Hackers,
vBulletin
versions 4.x.x.x are affected to their exploit. It isn’t quite clear
the extent of the exploit, however, hundreds of major websites on
vBulletin
have been reported to be affected.
Here’s a list of some domains that have been used so far in this attack:
- http://usasexguide.info/
- http://www.desironak.com/
- http://www.pakistanipoint.com
- http://www.cssexam.com/forum.php
- http://www.bankers.pk/
- http://voiceofkarachi.com/
- http://www.pakguns.com/
Hackers targeting Pakistani forums, as well as some USA based forums also i.e. Below you can see the database from
usasexguide.info
forum having thousands of registered users, was hacked by team recently.
Via: TheHackerNew