This Metasploit module abuses the "install/upgrade.php" component on vBulletin 4.1+ and 4.5+ to create a new administrator account, as exploited in the wild on October 2013. This Metasploit module has been tested successfully on vBulletin 4.1.5 and 4.1.0.
Support the originator by clicking the read the rest link below.