Spread the love

OWASP VBScan is an open-source code based on perl programming language which is used to find vulnerabilities and analyses them in VBulletin CMS. If you’re trying to penetrate vBulletin forum, First step will be finding vulnerabilities.  OWASP VBScan is an right tool to try.

How to Use OWASP VBScan?

First, Download the code from: Github or

git clone https://github.com/rezasp/vbscan.git

After downloading, Now it’s time to run the file before that we need to change some permissions to run vbscan.pl file.

chmod +x vbscan.pl

Some usage examples,


./vbscan.pl <target>
./vbscan.pl http://target.com/vbulletin


./vbscan.pl --help

Here’s an example how this tool works.

Wow that was quick already found lot of vulnerabilities.

As you can see this tool has fetched all the exploits for the specific vBulletin version. There’s lot of vulnerabilities sites you can search them using dorks and report to admins to patch them