Discuss: MyBB 1.1.6 Released
#11
The application we used for the previous audit was Acunetix Web Vulnerability Scanner. It acts as a HTTP spider for the URL you specify and attempts to locate vulnerable pages and actions.

For this update - the application couldn't detect it but more importantly, this isn't the kind of issue you think about - an IP address being able to be spoofed via HTTP headers. We were only notified after information had publicly been posted (an exploit script). It also appears (from the same site) IPB is vulnerable to the same issue with the same HTTP header being manipulated.
#12
good work on the quick patch Chris.
#13
Easiest update ever Toungue
#14
Updated. Smile
#15
Ah~ I had a feeling that there was going to be something released today. I'm going to go update now~
#16
Upgraded. Thanks Chris Smile
#17
why not putting the file in the suitable folder?
simply putting "functions" in the archive might cause disorientation

it ain't corresponding ...
#18
Shouldn't functions.php go into inc/functions.php

Seems to be a sloppy update.
#19
NSH Wrote:why not putting the file in the suitable folder?
simply putting "functions" in the archive might cause disorientation

it ain't corresponding ...

I agree (and nsh beat me to it!). Although I think most of us now know Cool that functions.php goes in /inc/, some may not.

silverwing
#20
updated... simple and easy. Thank you.
CafeParents.com - Parent-to-Parent discussion forums


Forum Jump:


Users browsing this thread: 1 Guest(s)