2006-07-15, 10:56 AM
(This post was last modified: 2006-07-15, 10:58 AM by Chris Boulton.)
Due to the malicious intent of some users and a vulnerability discovered in MyBB a few hours ago, we're releasing an update to the MyBB 1.1.x series. The exact vulnerability is performed by spoofing HTTP headers to perform an invalid request to MyBB which allows SQL injection.
We recommend all users upgrade their copy of MyBB to the latest available release.
The release on the MyBB site has also been updated to 1.1.6.
Update instructions are in the next post, including a list of changed files (and a ZIP archive of them) as well as manual patching instructions for those of you who have customized their code.
Regards,
Chris Boulton
We recommend all users upgrade their copy of MyBB to the latest available release.
The release on the MyBB site has also been updated to 1.1.6.
Update instructions are in the next post, including a list of changed files (and a ZIP archive of them) as well as manual patching instructions for those of you who have customized their code.
Regards,
Chris Boulton