Yeah. If anyone hasn't been following vB.org's graveyard, there is an exploit in that mod. It allows a user to access an admin's account. I don't know the specifics, but it's graveyarded on vBulletin.org.
Think we should graveyard, and remove the files here? Or at least put a warning in the first post?
Think we should graveyard, and remove the files here? Or at least put a warning in the first post?