I wanted to test an old vbulletin installation i got left from a friend ages ago, i don`t use it btw. After searching for any exploits for it (i was just bored and wanted to see what i could do) i found a exploit published here: http://www.xatrix.org/article2034.html the version is 2.2.5 btw.

Anyway i did what it said and got the sessionid, and password hash, but they were encrypted, so i don`t see the reason in my patching it because it's encrypted anyway, so no one can get into it.

Also, it's not like the exploit gave my username or password away at all, so even if attackers saw what i did they couldn`t do anything.

Am i just reading this all wrong and infact it's giving away alot of detail with which someone could hack my bbs? if so, please explain cos i don`t understand the benefits of patching this paticular exploit.