My understanding is that certain versions of vBulletin do have backdoor exploits.
But I'm not saying anything more so as to encourage anyone to do anything illegal. Hacking into private systems is illegal. So, I know your son was just speaking in theoretical terms.
Mind you, you have to be somewhat skilled to use the backdoor, it only works on some versions of this particular forum software, and it can be closed, which I'll assume Dennis has already done for TB2K...so you son may only be referencing a backdoor exploit which is probably patched at this particular vBulletin forum...therefore, no worries.