Ozzy47
Administrator
Security Exploit fixed in vBulletin 4.2.2 and 4.2.3.
A security issue has been reported to us that affects vBulletin 4. We have released new builds of vBulletin 4.2.2 and 4.2.3 to account for this vulnerability. The issue may allow attackers to access sensitive data via the mobile API. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to that version as soon as possible.
You can download the build for your version here: Customer Login
Special thanks to NytroRST for reporting this issue.
To install the new build, download your version of vBulletin 4 (4.2.2 or 4.2.3) then upload all files found within the zip file except the /install/ directory. Make sure to overwrite the existing files on your server.
If you're using a version prior to 4.2.2, then you should follow standard upgrade procedures.
Builds available:
vBulletin 4.2.2 Patch Level 2
vBulletin 4.2.3 Beta 1
Security Patch Release for vBulletin Connect (5.0.0 - 5.1.4)
A security issue has been reported to us that affects all versions of vBulletin Connect 5. We have released security patches to account for this vulnerability. The issue may allow attackers to access sensitive data via the mobile API. It is recommended that all users update as soon as possible.
You can download the patch for your version here: Customer Login
As part of our maintenance of Cloud Sites, we will apply the patch to them. If necessary, we will contact Cloud Customers with further information.
The current vBulletin 5.1.4 Beta 2 includes these fixes as well. Please note that Alpha and Beta releases should not be used on production sites.
Special thanks to NytroRST for reporting this issue.
The following security patches are available:
5.1.3 PL1
5.1.2 PL5
5.1.1 PL5
5.1.0 PL6
5.0.5 PL7
5.0.4 PL8
5.0.3 PL7
5.0.2 PL8
5.0.1 PL7
5.0.0 PL7
To install the security patch, upload the files found within the patch zip file, overwriting the existing files on your server.
A security issue has been reported to us that affects vBulletin 4. We have released new builds of vBulletin 4.2.2 and 4.2.3 to account for this vulnerability. The issue may allow attackers to access sensitive data via the mobile API. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to that version as soon as possible.
You can download the build for your version here: Customer Login
Special thanks to NytroRST for reporting this issue.
To install the new build, download your version of vBulletin 4 (4.2.2 or 4.2.3) then upload all files found within the zip file except the /install/ directory. Make sure to overwrite the existing files on your server.
If you're using a version prior to 4.2.2, then you should follow standard upgrade procedures.
Builds available:
vBulletin 4.2.2 Patch Level 2
vBulletin 4.2.3 Beta 1
Security Patch Release for vBulletin Connect (5.0.0 - 5.1.4)
A security issue has been reported to us that affects all versions of vBulletin Connect 5. We have released security patches to account for this vulnerability. The issue may allow attackers to access sensitive data via the mobile API. It is recommended that all users update as soon as possible.
You can download the patch for your version here: Customer Login
As part of our maintenance of Cloud Sites, we will apply the patch to them. If necessary, we will contact Cloud Customers with further information.
The current vBulletin 5.1.4 Beta 2 includes these fixes as well. Please note that Alpha and Beta releases should not be used on production sites.
Special thanks to NytroRST for reporting this issue.
The following security patches are available:
5.1.3 PL1
5.1.2 PL5
5.1.1 PL5
5.1.0 PL6
5.0.5 PL7
5.0.4 PL8
5.0.3 PL7
5.0.2 PL8
5.0.1 PL7
5.0.0 PL7
To install the security patch, upload the files found within the patch zip file, overwriting the existing files on your server.