PT-2006-5082 · Jelsoft · Vbulletin

X-Boy · Published 2006-08-21 · Updated 2024-08-07 · CVE-2006-4272

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Jelsoft vBulletin version 3.5.4

Description

The issue allows remote attackers to register multiple arbitrary users, potentially causing a denial of service due to resource consumption. This can be achieved by sending a large number of requests to the "register.php" endpoint. It is worth noting that the vendor has disputed this issue, suggesting that enabling CAPTCHA would prevent registrations and that handling flood requests should be done at the server level.

Recommendations

For Jelsoft vBulletin version 3.5.4, consider enabling CAPTCHA to prevent arbitrary user registrations. Additionally, configure server-level settings to handle and limit the number of registration requests to prevent resource consumption.

Related Identifiers

CVE-2006-4272

Affected Products

Vbulletin