Posted by MustLive on Apr 01
I want to warn you about Cross-Site Scripting and SQL DB Structure
Extraction vulnerabilities in MyBB.
Vulnerable are MyBB 1.6 and previous versions. In MyBB 1.6.1 these four
vulnerabilities were fixed (by turning SQL error messages off).
Vulnerabilities take place in scripts search.php and private.php.
Source: Vulnerabilities in MyBB