SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote attackers to execute arbitrary SQL commands via the templatesused parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/29174
http://www.securityfocus.com/archive/1/447010/100/0/threaded