A warning from its developer team vBulletin informs its customers that a vulnerability exists security in vBSEO, a sub-application for the optimization μηχανών αναζήτησης. οι διαχειριστές συνιστάται να επιλέξουν ένα διαφορετικό εργαλείο για την εργασία SEO.
Administrators waiting for an update to fix the issue are informed by vBulletin that there is a solution to the issue. This is to disable 2 code lines within vBSEO / includes / functions_vbseo_hook.php.
These two lines are as follows:
// if(isset($_REQUEST['ajax']) && isset($_SERVER['HTTP_REFERER']))
// $permalinkurl = $_SERVER['HTTP_REFERER'].$permalinkurl;
In case you are also running the Suspect File Versions diagnostic tool, then you will need to generate new MD5s for it archive that you have changed.
However, η vBulletin warns in the email that proposes the above amendment that it does not warrant that exploitation of the security vulnerability (referred to as CVE-2014-9463) will no longer be possible, and that the vBulletin team is not responsible if something's wrong.
The recommendation for administrators is to completely remove vBSEO from the system and choose a different tool for optimizing SEO.
