Cancel

MyBB 1.6.14

SecurityMaintenance

This version is no longer supported

The MyBB 1.6 series reached end of life on October 1, 2015.

This means there will be no more security or maintenance releases for this series and forums running this version of MyBB may be at risk of unfixed security issues. The MyBB Group strongly encourages all communities to upgrade to the latest release of MyBB as soon as possible.

Download latest Find out more

Security vulnerabilities addressed (5)

Medium risk

Possibility of executing PHP code through settings

Reported by GiantCrocodile

Low risk

A XSS vulnerability in polls.php

Reported by AntiPaste

Low risk

A XSS vulnerability in portal.php

Reported by AntiPaste

Low risk

Password protected forums can be viewed from the portal

Reported by Nathan Malcolm

Low risk

Super moderators have more permissions than expected

Reported by JordanMussi

Issues resolved (50)

View issues on GitHub

Changed Files (32)

  • admin/
    • inc/
      • functions_view_manager.php
    • modules - config - profile_fields.php - settings.php - forum - attachments.php - management.php - style - themes.php - tools - adminlog.php - backupdb.php - modlog.php - recount_rebuild.php - user - admin_permissions.php - groups.php - mass_mail.php - titles.php - users.php - index.php
  • inc/
    • datahandlers - user.php
    • languages
    • english - admin - forum_attachments.lang.php - forum_management.lang.php - tools_adminlog.lang.php - tools_modlog.lang.php - user_mass_mail.lang.php - user_titles.lang.php - messages.lang.php - modcp.lang.php - polls.lang.php - showthread.lang.php - english.php
    • mailhandlers - smtp.php
    • tasks - promotions.php - userpruning.php
    • class_core.php
    • class_language.php
    • class_moderation.php
    • class_parser.php
    • class_session.php
    • functions.php
    • functions_search.php
    • functions_upload.php
    • install - resources - language.lang.php - mybb_theme.xml - upgrade29.php - upgrade.php
    • jscripts - inline_moderation.js - validator.js
  • calendar.php
  • editpost.php
  • forumdisplay.php
  • member.php
  • modcp.php
  • newreply.php
  • newthread.php
  • polls.php
  • portal.php
  • reputation.php
  • search.php
  • showthread.php
  • syndication.php
  • task.php
  • usercp.php

Changed Language Files (10)

There are changes to 10 language file(s). Changed languages files can be cross-referenced from the list above.

Changed Templates (9)

  • forumdisplay_inlinemoderation
  • member_register
  • modcp_ipsearch_misc_info
  • modcp_modqueue_attachments_attachment
  • post_attachments_add
  • post_attachments_new
  • search_results_posts_inlinemoderation
  • search_results_threads_inlinemoderation
  • showthread_inlinemoderation
Copyright © 2002-2017 MyBB Group