Hello, in this manual is adviced to add this code into vbseo.php file:

Step 5 :
If you have vbseo installed add this to the top of vbseo.php in your forum root directory.

if (strpos($_SERVER["QUERY_STRING"],'%00')) die;

This manual is about fixing vulnerabilities, please what does above "if strpos" do? / prevent?

I assume it denying POST OR GET requests where in request (URL?) is the phrasse %00 which is "used to bypass sanity checking filters in web infrastructure by adding URL-encoded null byte characters (i.e. %00, or 0x00 in hex) to the user-supplied data. This injection process can alter the intended logic of the application and allow malicious adversary to get unauthorized access to the system files." (per http://projects.webappsec.org/w/page/13246949/Null%20Byte%20Injection)