Posted by MustLive on Apr 01
Hello list!
I want to warn you about Cross-Site Scripting and SQL DB Structure
Extraction vulnerabilities in MyBB.
————————-
Affected products:
————————-
Vulnerable are MyBB 1.6 and previous versions. In MyBB 1.6.1 these four
vulnerabilities were fixed (by turning SQL error messages off).
———-
Details:
———-
Vulnerabilities take place in scripts search.php and private.php.
XSS (WASC-08):…
Source: Vulnerabilities in MyBB