Cancel

MyBB 1.6.18

Security

This version is no longer supported

The MyBB 1.6 series reached end of life on October 1, 2015.

This means there will be no more security or maintenance releases for this series and forums running this version of MyBB may be at risk of unfixed security issues. The MyBB Group strongly encourages all communities to upgrade to the latest release of MyBB as soon as possible.

Download latest Find out more

Security vulnerabilities addressed (3)

Medium risk

Forum password bypass in xmlhttp.php

Low risk

SQL Injection in Grouppromotions module (ACP)

Low risk

Possible XSS Injection in the error handler

Low risk

Possible XSS issues in old upgrade files

Changed Files

  • admin
    • modules
      • user
        • group_promotions.php
  • inc
    • class_core.php
    • class_error.php
    • functions.php
  • install
    • resources
      • upgrade3.php
      • upgrade12.php
      • upgrade13.php
      • upgrade17.php
  • xmlhttp.php
Copyright © 2002-2017 MyBB Group