NOTE: This message is being sent to vBSEO customers only, and relates to a vBulletin vulnerability. It is in no way related to vBSEO, however, we are bringing it to the attention of our users to help minimize the number of communities impacted by the exploit.***
Hello valued vBSEO customer,
It has come to our attention that a vulnerability on vBulletin 3.8.6 has been discovered. The exploit allows a malicious user to retrieve a forum's database credentials via the faq.php script.
If you are running vBulletin 3.8.6, we strongly recommend that you remove the faq.php script and change your mysql database details as a precaution.
You can find faq.php in your vBulletin installation directory:
*/vbroot/faq.php
Alternatively, you may upgrade to the latest version of vBulletin
(4.0.5) which not impacted by this vulnerability.
رد مع اقتباس
