35,000 vBulletin Sites Have Already Been Exploited By Week Old Hole

0
405

realized writes “Last week Slashdot covered a new vBulletin exploit. Apparently hackers have been busy since then because according to security firm Imperva, more than 35, 000 sites were recently hacked via this vulnerability. The sad part about this is that it could have all been avoided if the administrator of the websites just removed the /install and/or /core/install folders – something that you would think the installer should do on its own.” Web applications that have write access to directories they then load code from have always seemed a bit iffy to me (wp-content anyone?) Read more of this story at Slashdot.

Original post:
35,000 vBulletin Sites Have Already Been Exploited By Week Old Hole

LEAVE A REPLY

Please enter your comment!
Please enter your name here

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.