The vBulletin team released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8, 4.X, 5.X.
A security issue has been found that affects all versions of vBulletin including 3.x, 4.x and 5.x. We have released security patches to account for this vulnerability. This includes patches for vBulletin 3.8.7, vBulletin 4.2.2 and all versions of vBulletin 5 (including Cloud accounts). The patch is also applied to vBulletin 5.1.0 RC1. It is imperative that you apply these patches as soon as possible.
- Install the patch provided by vBulletin team (consult web references for a dirrect link to this patch).
- WordPress Plugin EZPZ One Click Backup Remote Code Execution (12.03.10)
- ColdFusion AMF Deserialization RCE
- GhostScript RCE (Remote Code Execution)
- WordPress Plugin Video Embed & Thumbnail Generator 'kg_callffmpeg.php' Multiple Remote Code Execution Vulnerabilities (1.1)
- Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7)