Discuss: MyBB 1.2.4 Released - Important Security Update
#31
Nice quick painless update. Thanks guys!
#32
Thank you Mybb Group

Thank you for the update

very easy to do as well (just need to update to files)

Thank you

Tazfan
#33
If staff wants to see it, fine, but I realized it would be bad to give out the code to hack MyBBs.

I had two files like that, one in uploads, and one in uploads/avatars.

They both had numerical filenames, the example was '75093.php'. Was my board breached?
[[ Web ]]
<SIGNATURE RULES ARE LAME>
[[ Mt. Moon Community ]]
#34
I to say
#35
I wonder about the quality of the provided patch:

* Why should a function (get_ip) that has absolutely nothing to do with database access use the function $db->escape_string?
* Why do you leave space characters in the IP address?
* Why is escape_string necessary at all, after you have filtered out everything except [0-9. ]?

Roland
#36
Thanks, updated.

I seen last night it was posted here, very fast at fixing it well done Smile.

#37
A nice easy fix.

I ran the vulnerability checker and it found a file.........went to my FTP not sure what I would find and found a file I'd uploaded myself to delete some files which wouldn't delete through my FTP GUI. I'd deleted the files but not the file deletion script.

D'oh!!!!!!!!

All happy now
#38
What were the file names that you deleted?
[[ Web ]]
<SIGNATURE RULES ARE LAME>
[[ Mt. Moon Community ]]
#39
Do i need to fix my old MyBB 1.2.2 Forum with this patch too or is this patch for MyBB 1.2.3 only?
#40
is this forum on the 1.2.4 ?
COOLIES


Forum Jump:


Users browsing this thread: 1 Guest(s)