2014-04-15, 03:15 PM
hay
i found secure issuse, you have it here too, on the url:
http://community.mybb.com/forumdisplay.p...tecut=9999
to fix it, open forumdisplay.php,
find
and add before it,
plz fix it on 1.6.13 (if will be..) and fix it here.
yours,
DanielM
i found secure issuse, you have it here too, on the url:
http://community.mybb.com/forumdisplay.p...tecut=9999
to fix it, open forumdisplay.php,
find
if(!isset($mybb->input['order']) && !empty($foruminfo['defaultsortorder']))
and add before it,
if(is_array($mybb->input['order']))
$mybb->input['order'] = $db->escape_string(implode($mybb->input['order']));
else
$mybb->input['order'] = $db->escape_string($mybb->input['order']);
plz fix it on 1.6.13 (if will be..) and fix it here.
yours,
DanielM