MyBB 1.6.18
Security
code 1618
This version is no longer supported
The MyBB 1.6 series reached end of life on October 1, 2015.
This means there will be no more security or maintenance releases for this series and forums running this version of MyBB may be at risk of unfixed security issues. The MyBB Group strongly encourages all communities to upgrade to the latest release of MyBB as soon as possible.
Full Package
Install a new MyBB forum or upgrade from older versions.
.zip – 1.88 MB
Download from MyBB.comsha512:
2c0c369898a85a42f3c32fd54b74dafa980bb888d4396adcd04fa7462c06e8b4c39e18f3070da1cb34f676cac313933b75cc7b2c0f3d377c1019a2f8abce6672
More checksums…
sha256:
67c9b2d3a0f8020347a6b4caa6e7a6c7233d582f254f984b44ff870dc3c3822e
sha1:
0616d3d6af433e722c22cc06b25072918977cca9
md5:
ad17b498116831a1d1d75bf07351ea0c
Changed Files
Upgrade from the previous version.
.zip – 0.09 MB
Download from MyBB.comsha512:
10055408cf097abf374807c4a403c27653431c29f6a466b76c9191c91b81621a0b278ce4fb0ec372b26e1876131cf3346c36ab000df71c5e71682223a55193aa
More checksums…
sha256:
1db342284c4aa2aedf51d25a1046d4cef13e537d051927e2faf006c8cfda6c2a
sha1:
1f5f547da9b89a715be2fe2cc9deb78398d95499
md5:
542f2ecfdc29f326607a2f82616cc95c
Security Vulnerabilities Addressed (3)
Forum password bypass in xmlhttp.php
SQL Injection in Grouppromotions module (ACP)
Possible XSS Injection in the error handler
Possible XSS issues in old upgrade files
Changed Files
- admin
- modules
- user
- group_promotions.php
- user
- modules
- inc
- class_core.php
- class_error.php
- functions.php
- install
- resources
- upgrade3.php
- upgrade12.php
- upgrade13.php
- upgrade17.php
- resources
- xmlhttp.php