MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Possible to backdoor a theme?
Full Version: Possible to backdoor a theme?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Master Mind

2013-03-21, 01:56 PM
Is it possible a theme to have attached some kind of backdoor/virus/shell on it?

Thank you.

frostschutz

2013-03-21, 02:00 PM
Yes. Themes contain templates, templates contain JavaScript (which may grab and forward your login data among other things), in addition to that MyBB uses eval() to evaluate templates so direct PHP execution on your server (and thus direct DB access, shells, etc.) is a possibility.

You should only use plugins/themes from sources you trust.

Cedric

2013-03-21, 02:00 PM
I dont think so it is possible Toungue
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Possible to backdoor a theme?