Announcements

Dear VB License Holder, It has come to our attention that there may be a potential security vulnerability in VBSEO affecting the latest version of the software (and potentially other versions as well). We've attempted to contact the vendor, but as they have been non-responsive we felt we should alert the community as many of our customers use this add-on software. If you think you might be running a vulnerable version of the software, there is a simple fix: just comment out the following lines in the file vbseo/includes/functions_vbseo_hook.php: if(isset($_REQUEST['ajax']) && isset($_SERVER['HTTP_REFERER'])) $permalinkurl = $_SERVER['HTTP_REFERER'].$permalinkurl; should be changed to: // if(isset($_REQUEST['ajax']) &&...

We are proud to announce the release of the vBulletin Mobile Suite 1.9. This version is covers a number of issues for iOS compliance. There are a number of issues resolved for both the iOS and Android versions. The Mobile Suite is available for all versions of vBulletin that support the Mobile Api. iOS Improvements [VBI-879] - selecting post then pressing move in moderate options closes the app iOS vb3 1.4 [VBI-1165] - In German language settings buttons are in french language [VBI-1171] - Formatting buttons are not visible/hidden [VBI-1173] - Some activity stream items don't load all the info [VBI-1194] - Create Thread Screen - View is not correct / Predictive Keyboard [VBI-1195] - Landscape Mode Alerts displayed incorrectly...

A security issue has been reported to us that affects vBulletin 5. We have released security patches for the versions vBulletin 5.0.0 through 5.1.4 to account for this vulnerability. The issue may allow attackers to perform CSRF exploits via the Moderator Control Panel. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 5 older than 5.1.4, it is recommended that you upgrade to that version as soon as possible. You can download the patch for your version here: http://members.vbulletin.com/patches.php To install the patch, download the appropriate files for your version of vBulletin 5 then upload all files found within the zip file. Make sure to overwrite the existing files on your...

A security issue has been reported to us that affects vBulletin 4. We have released security patches for vBulletin 4.2.2 to account for this vulnerability. The issue may allow attackers to perform CSRF exploits via the Moderator Control Panel. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to that version as soon as possible. You can download the patch for your version here: http://members.vbulletin.com/patches.php To install the patch, download the appropriate files for your version of vBulletin 4 then upload all files found within the zip file. Make sure to overwrite the existing files on your server. If you're using a...

A security issue has been reported to us that affects vBulletin 3. We have released security patches for the versions vBulletin 3.8.7 and 3.8.8 to account for this vulnerability. The issue may allow attackers to perform CSRF exploits via the Moderator Control Panel. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 3 older than 3.8.7, it is recommended that you upgrade to that version as soon as possible. You can download the patch for your version here: http://members.vbulletin.com/patches.php To install the patch, download the appropriate files for your version of vBulletin 3 then upload all files found within the zip file. Make sure to overwrite the existing files on your server...

For vBulletin 5.x.x This security update will help you prevent attacks through the Mobile API. For vBulletin 5.1.4 only, the critical bug fixes address issues with the vBulletin 5 upgrade system, and two separate issues with site builder. The bug fix issues are as follows: VBV-13932 Some Javascript was breaking the ability for site builder to initialize. VBV-13926 The “Create New Page” feature does not set a default layout VBV-13960 Customers Upgrading from earlier versions of vBulletin may have a broken settings page. You can download the build for your version here: https://members.vbulletin.com/ and the patch can be found here: https://members.vbulletin.com/patches.php To install the patch, download it then upload all included...

A security issue has been discovered that affects the vBulletin 4 Publishing Suite. We have released a patch to correct this issue for vBulletin 4.2.2 The issue may allow attackers to perform SQL Injection attacks against the CMS portion of the Publishing Suite. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to that version as soon as possible. You can download the build for your version here: https://members.vbulletin.com/ and the patch can be found here: https://members.vbulletin.com/patches.php To install the patch, download it then upload all included files found within the zip file. Make sure to overwrite the existing...