Serious vulnerability discovered in vBulletin
An interesting vulnerability was found in the popular forum engine vBulletin - when you type the word “database” in the search on the FAQ page, all information about connecting to the MySQL server is displayed.
The problem was fixed in vBulletin version 3.8.6-PL1.
If you believe the developers - this bug was simply an oversight, they forgot to remove part of the debug code from the engine.