Attackers are mass-exploiting an anonymously disclosed vulnerability that makes it possible to take control of servers running vBulletin. The vulnerability was disclosed through an 18-line exploit that was published on Monday by an unidentified person. Vulnerability is so severe and easy to exploit that some critics have described it as a back door. Vulnerable sites running the app should take comments offline until administrators install a patch that was released late Wednesday morning. The patch was released in early Wednesday to fix the bug.”]