Posted by Dawid Golunski on Aug 12

vBulletin
CVE-2016-6483

vBulletin software is affected by a SSRF vulnerability that allows
unauthenticated remote attackers to access internal services (such as mail
servers, memcached, couchDB, zabbix etc.) running on the server
hosting vBulletin as well as services on other servers on the local
network that are accessible from the target.

The following versions are affected:

vBulletin <= 5.2.2
vBulletin <= 4.2.3
vBulletin <=…