vBulletin has published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software. If left unpatched, the reported security vulnerabilities could eventually allow remote attackers to take complete control over targeted web servers and steal sensitive user information. Written in PHP, vBulletsin is a widely used proprietary Internet forum software package that powers over 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums. Administrators are highly recommended to apply the security patch before hackers started exploiting the vulnerabilities to target their forum users.
Source: https://thehackernews.com/2019/10/vBulletin-hacking-exploit.html