Kevin Judge
content writer
  • E-Commerce
  • it security
1 Star2 Stars3 Stars4 Stars5 Stars
Loading...

vBulletin Announces Emergency Patch for SQL Injection Vulnerability

vBulletin Solutions announced this week that they have a critical emergency patch to their vBulletin forum software to fix an SQL injection vulnerability that could allow hackers to access the software’s databases. The vulnerability and fixes apply only vBulletin version 5.

The patch will automatically be implemented on all sites on Vbulletin’s cloud hosting service. Other registered customers can download the fix from the vBulletin web site.

SQL injection is a technique used by hackers to attack web applications with public input forms that use a relational database for the back-end. Malicious SQL statements are inserted into an entry field of a web form for SQL injection. If successful, the hackers can view, update or delete data in the database.

There are techniques for preventing SQL injections, such as filtering for string characters such as “&”. When such a vulnerability is identified it needs to be treated with the highest priority because it may lead to total control of the database by hackers.

Be Proactive with Comodo

Such SQL injection vulnerabilities can be identified by using a vulnerability scanning service such as Comodo HackerGuardian and Webinspector services.

TEST YOUR EMAIL SECURITY
Share:

Stay in the loop

Sign up to our cyber security newsletter