Plugin Exploits (Being reported as MyBB 1.6.5 Exploits)

Discussion in 'MyBB Discussions' started by News Bot, Jan 12, 2012.

  1. News Bot

    News Bot Regular Member

    Apr 28, 2011
    Likes Received:
    Cyber Space
    Hello everyone,
    We’d like to inform you that two security holes were found in two plugins which are very common on multiple MyBB forums out there. The affected plugins are the following:
    [ SEO ] Simple Tag Cloud Plugin (Tags) by Watt
    FBConnect (not available on our Mods site) by Nayar
    The first was unapproved and a PM was sent to the plugin author and until the author fixes the issue it will remain unapproved on the Mods site.
    The second has been updated already and the issue has been fixed. If you’re looking for the fixed version, it is available on the author’s website as well as on the MyBB community forums here.
    We strongly advise you to remove the first plugin entirely from your forum and either remove the second one or install the fixed version.
    We also recommend you to do the necessary searching for any data that may have been compromised.
    On a side note, numerous “exploiting scripts” have been spreading throughout the internet which refer to these two vulnerabilities as if they were vulnerabilities in MyBB itself and that is not true.
    Thank you,
    MyBB Team

    Continue reading...
    Last edited by a moderator: Jan 6, 2014

Share This Page