Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate information stored in the databases of vBulletin-based sites. Code patches that need to be applied manually were released for versions 5.0.4, 5.0.5, 5.1.0, 5.1.1 and 5.1.2 of vBulletin and can be downloaded by registered customers. The vulnerability only affects vBulletin 5 -- officially known as vBulletin 5 Connect -- and not vBulletin 4.