vBulletin

has multiple security vulnerabilities in it.

http://www.cvedetails.com/vulnerability-list/vendor_id-781/product_id-1338/version_id-39451/Jelsoft-Vbulletin.html details all of the vulnerabilities in it.

http://www.1337day.com/exploit/1545 - PoC demonstrating SQLi vulnerability.

It’s important to stay up to date with any sort of publicly available system and definitely something as large as vBulletin. Your version is from 2006 – that’s almost 10 years old.

There’s a plan to upgrade to a newer version of vBulletin eventually. I don’t think it will happen until the summer at the earliest, when traffic here is the lowest.