The flaw could allow a hacker to access forum user’s personal dataA serious flaw in software widely used to power online discussion sites could allow hackers to harvest reams of personal data, the BBC has learned.
The flaw in a specific version of the vBulletin software allows anyone to easily access the main administrator username and password for a site.
This would also allow hackers to access data, such as e-mail addresses, and edit the site at will.
The owner of the program – Internet Brands – released a fix on 21 July.
However, at time of writing, many sites remain vulnerable.
via bbc.co.uk