MyBB launches 1.2.11 security fix


January 14, 2008

MyBB has updated its forum software with an important security fix and new version due to two high risk security vulnerabilities being found in MyBB.

Both of these vulnerabilities can allow remote code execution by a malicious user via a web browser.

1.2.11 Changes:

* [HIGH RISK] Security fix for remote code injection in forumdisplay.php
* [HIGH RISK] Security fix for remote code injection in search.php
* [LOW RISK] Security fix for possible SQL injection in moderator functionality (Note: can only be performed if the current user is a moderator)
* [LOW RISK] Security fix for possible SQL injection in administration panel (Note: can only be performed if the current user is an administrator)

The latest release of MyBB available on the MyBB website is MyBB 1.2.11.






 

Post a comment

Your email address will not be published. Required fields are marked *

Visited 1459 times, 2 so far today