Honestly, you should not put any private info into this forum. Or use passwords from other sites.
It's running vBulletin 3.6.8 which is, quite literally, 11 years behind in updates. Every one of the
CVE vulns listed applies.
It's also running PHP 4.3.10 which is not supported and 15 years out of date. I'd post the list of CVE vulns but it's massive and just doesn't matter since it stopped receiving updates 31 Mar 2005.
And it's running IIS/6.0 which is vulnerable to
CVE-2017-7269 which is a unpatchable 0-day remote takeover vulnerability.
On top of that, it doesn't run over https.
So, unless all those versions have been falsified to throw people off, it's a miracle that the site hasn't been compromised.
Edit: I do want to point out that these are the versions that the forum tells the world. It's not an uncommon practice to falsify these headers to throw off bots. The lack of https is real though.
[ed. All this stuff is slated for upgrade before the end of the year. v/r,dr]