Two potential issues have been identified in vBulletin 5.3.2 and higher. The first affects the template rendering functionality and could lead to arbitrary file deletion. The second allows the possibility of remote file inclusion via the legacy routing system on Windows servers. We have applied fixes for these issues. It is recommended that you apply this patch as soon as possible. To do so, download the patch for your version from https://members.vbulletin.com/patches.php and upload the files to your server. Overwrite the existing files with the new ones. If you have not upgraded to 5.3.4 yet, it is recommended that you do a full upgrade to vBulletin 5.3.4 Patch Level 1.
The Security Patch can be downloaded at https://members.vbulletin.com/patches.php
Patches Released:
vBulletin 5.3.4 Patch Level 1
vBulletin 5.3.3 Patch Level 1
vBulletin 5.3.2 Patch Level 2
The Security Patch can be downloaded at https://members.vbulletin.com/patches.php
Patches Released:
vBulletin 5.3.4 Patch Level 1
vBulletin 5.3.3 Patch Level 1
vBulletin 5.3.2 Patch Level 2
