OWASP VBScan is an open-source code based on perl programming language which is used to find vulnerabilities and analyses them in VBulletin CMS. If you’re trying to penetrate vBulletin forum, First step will be finding vulnerabilities.  OWASP VBScan is an right tool to try.


How to Use OWASP VBScan?

First, Download the code from: Github or

After downloading, Now it’s time to run the file before that we need to change some permissions to run vbscan.pl file.

Some usage examples,



Here’s an example how this tool works.

Wow that was quick already found lot of vulnerabilities.

As you can see this tool has fetched all the exploits for the specific vBulletin version. There’s lot of vulnerabilities sites you can search them using dorks and report to admins to patch them 🙂