1.2.4
[edit] Release Date
MyBB 1.2.4 was released on 4 April 2004 to address a high risk security vulnerability.
[edit] Announcement Summary
MyBB 1.2.4 is a security update to the MyBB 1.2 series. It fixes a HIGH risk vulnerability recently discovered and reported in MyBB. We recommend everybody upgrades to this release as soon as possible or patches their boards with the manual patching instructions below.
We recommend all users upgrade their copy of MyBB to the latest available release.
This vulnerability allows a hacker to remotely gain access to your forums via a valid administrative session and have the ability to upload remote/backdoor files to your forums.
Immediately we're releasing a new version of MyBB which patches this exploit (MyBB 1.2.4). MyBB 1.1.8 is not affected.
MyBB 1.2.4 fixes this security vulnerability and nothing more: We're not quite ready to release a bug fix update at this time.
As a security precaution we also recommend that all users scan their uploads and uploads/avatars/ directories for files ending in .php - if there are any files of that type, delete them.
You can also use the vulnerability scanner at the bottom of the following thread to scan your forums.
More information here: http://community.mybboard.net/showthread.php?tid=18002
| 1.4.x | 1.4.2 - 1.4.1 - 1.4.0 |
| 1.2.x | 1.2.14 - 1.2.13 - 1.2.12 - 1.2.11 - 1.2.10 - 1.2.9 - 1.2.8 - 1.2.7 - 1.2.6 - 1.2.5 - 1.2.4 - 1.2.3 - 1.2.2 - 1.2.1 - 1.2.0 |
| 1.1.x / 1.0x | 1.1.8 - 1.1.7 - 1.1.6 - 1.1.5 - 1.1.4 - 1.1.3 - 1.1.2 - 1.1.1 - 1.1.0 - 1.04 - 1.03 - 1.02 - 1.01 - 1.00 |
| Pre-1.0 | PR2 - PR1 - RC4 - RC3 - RC2 - RC1 - Beta 4 - DevBB |
| Legend | Italics: Development / Beta / Private Latest Public Release |