Hackers mentioned that, there exploit allows them to upload there php shell on the forum server, which allows him to browse further directory of the server with full privileged. This new exploit is working on the latest version of the vBulletin 5.0.5, and the patch of this exploit is not available yet.
As there are millions of site that use vBulletin CMS. Hackers have not shared any information about there exploit, this means that, they will use there exploit for further more sites also.
At this time, OpenSUSU team have taken down there forum, but you can see the mirror of the hack.
On the blog post, OpenSUSU have confirmed that there database have been breached but none of the users credentials have been leaked.
A cracker managed to exploit a vulnerability in the forum software which made it possible to upload files and gave access to the forum database.