• About
  • Advertise
  • Careers
  • Contact
Saturday, March 25, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Patch now your vBulletin install before hacker will target your forum

by Cyber360 News
May 12, 2020
in Security
0
Patch now your vBulletin install before hacker will target your forum
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Maintainers of the vBulletin project have released an important fix to address a security vulnerability tracked as CVE-2020-12720.

Administrators of online discussion forums based on the popular vBulletin CMS urge to update their install to address a critical security vulnerability tracked as CVE-2020-12720.

“A security exploit has been reported within vBulletin 5.6.1. To fix this issue, we have created a new security patch.” reads the advisory published by vBulletin. “If you are using a version of vBulletin 5 Connect prior to 5.5.2, it is imperative that you upgrade as soon as possible.”

The vulnerability was reported to the development team by the security engineer Charles Fol, the expert will provide additional details during the SSTIC conference that is scheduled for the next month.

vBulletin released a patch addressing a critical vulnerability I reported through @ambionics. Patch your software. Details will be released during @sstic.

— Charles Fol (@cfreal_) May 8, 2020

The popular software is currently used by over 100,000 websites, including forums for multiple top companies and organizations.

Experts believe that after the disclosure of the critical vulnerability, hackers will intensify their attacks on the unpatched websites running on top of the popular CMS.

Threat actors could perform a reverse-engineering the security patch released by the organization to develop their own exploit.

According to the National Vulnerability Database (NVD), the vulnerability is the result of an incorrect access control issue that affects versions prior to 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1.

Forum administrators could install security updates for the following versions of vBulletin Connect:

  • 5.6.1 Patch Level 1
  • 5.6.0 Patch Level 1
  • 5.5.6 Patch Level 1

vBulletin maintainers are not aware of proof-of-concept code available online either attacks exploiting the issue in the wild.

Pierluigi Paganini

(SecurityAffairs – forum, hacking)



Share On


Cyber360 News

Cyber360 News

Next Post
Magellan Health warns ransomware attack exposed PII

Magellan Health warns ransomware attack exposed PII

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In