+-----------------------------------------------+ | MyBB 1.1.8 Vulnerability Fix | | Manual Patch Instructions | | | | Please note: | | This is a temporary patch for MyBB 1.1.8 | | boads to protect against a new security | | vulnerabilities before boards upgrade to | | MyBB 1.2.7 | | | | This patch should only be applied to boards | | running MyBB 1.1.8 | | | +-----------------------------------------------+ --------------------------- 1. private.php --------------------------- Find: -- $order = $mybb->input['order']; $sortby = $mybb->input['sortby']; -- REPLACE with: -- $order = htmlspecialchars($mybb->input['order']); $sortby = htmlspecialchars($mybb->input['sortby']); -- ALL DONE