In a new blog post from Brian Krebs, the recent discovery from Imperva that more than 35,000 websites have been hacked through a vBulletin hole, is discussed.
vBulletin is 4th in the list of installed CMS sites on the internet. The vulnerability allows an attacker to create an administrator account on a vulnerable site, therefore gaining full control over the victim site.
The blog post from Krebs looks at the vulnerability in detail and walks through the mitigation process: http://krebsonsecurity.com/2013/10/thousands-of-sites-hacked-via-vbulletin-hole/#more-23075
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.