MyBB 1.6.12

30 December 2013

SecurityMaintenance

This version is no longer supported

The MyBB 1.6 series reached end of life on October 1, 2015.

This means there will be no more security or maintenance releases for this series and forums running this version of MyBB may be at risk of unfixed security issues. The MyBB Group strongly encourages all communities to upgrade to the latest release of MyBB as soon as possible.

Download latest Find out more

Security vulnerabilities addressed (4)

Medium risk

A SQL vulnerability when editing smilies in ACP

Reported by ChALkeR

Medium risk

A SQL vulnerability when deleting posts with Akismet in ACP

Reported by ChALkeR

Medium risk

A XSS vulnerability in video MyCode

Reported by ChALkeR

Low risk

A XSS vulnerability in smilie popup

Reported by Spenzert

Issues resolved (10)

MyCode parser adds new lines since 1.6.11
Some plugins throwing errors due to usage of unsupported language file calls since 1.6.11
Uploading attachments may fail when safe mode is enabled
Promotion task option “weeks” doesn’t work properly
Issue with queries not being executed in the correct order on logout
#2196 Thread Prefix altered via Tamper Data
#2251 Reputation doesn’t carry over when merging users
#2267 See other’s posts in a “see own post forum” through archive
#2275 Mod Log error when posting new thread
Adding support for 4-Byte UTF-8 Unicode Encoding in MySQL
When MySQL 5.5.3 or above is used a new option to convert the tables to 4-Byte UTF-8 Unicode Encoding is available in the –UTF-8 Conversion– page in the Admin Control Panel. This allows to store unicode characters with 4 bytes. If you don’t know what we are talking about you probably don’t need it. PgSQL and SQLite can store such characters by default.

Changed Files (37)

admin/
- modules/
  - config/
    - calendars.php
    - smilies.php
  - forum/
    - announcements.php
    - management.php
  - tools/
    - system_health.php
  - user/
    - users.php
archive/
- index.php
inc/
- datahandlers/
  - event.php
  - pm.php
  - post.php
  - user.php
- languages/
  - english/
    - admin/
      - tools_system_health.lang.php
      - datahandler_post.lang.php
  - english.php
- plugins/
  - aksimet.php
- tasks/
  - promotions.php
- class_core.php
- class_language.php
- class_parser.php
- db_mysql.php
- db_mysqli.php
- functions.php
- functions_post.php
- functions_upload.php
install/
- resources/
  - language.lang.php
- index.php
member.php
misc.php
modcp.php
newthread.php
polls.php
private.php
report.php
reputation.php
showthread.php
usercp.php
xmlhttp.php

Changed Language Files (2)

There are changes to 2 language file(s). Changed languages files can be cross-referenced from the list above.