MyBB Documentation

Version: 1.8.5

MyBB 1.8.5

Release Date

MyBB 1.8.5 was released on 27 May 2015.

Announcement Summary

MyBB 1.8.5 is a security and maintenance release and fixes 6 vulnerabilities and 58 reported issues causing incorrect functionality of MyBB.

Fixed Issues

  • Vulnerabilities:
    • Medium Risk: Reset password code check could be circumvented in member.php
    • Medium Risk: Sender email could be spoofed when sending an email to a user in member.php
    • Medium Risk: Permissions not checked for post search with old sid in search.php
    • Medium Risk: XSS in quick edit function of xmlhttp.php
    • Low Risk: CSRF in ACP mass mail cancellation
    • Low Risk: Use of the U+200E Unicode character to create “duplicate” username
  • Bugs fixed:

Changed Files

The following files have changed since MyBB 1.8.4.

  • admin
    • inc
      • class_form.php
    • modules
      • config
        • calendars.php
        • mod_tools.php
        • mycode.php
        • profile_fields.php
        • settings.php
        • smilies.php
      • forum
        • announcements.php
        • management.php
      • home
        • preferences.php
      • style
        • templates.php
        • themes.php
      • user
        • admin_permissions.php
        • group_promotions.php
        • groups.php
        • mass_mail.php
        • users.php
    • index.php
  • images
    • headerlinks_sprite.png
  • inc
    • datahandlers
      • login.php
      • pm.php
      • post.php
      • user.php
      • warnings.php
    • languages
      • english
        • admin
          • config_profile_fields.lang.php
          • config_settings.lang.php
          • config_thread_prefixes.lang.php
          • forum_management.lang.php
          • global.lang.php
          • user_users.lang.php
        • datahandler_post.lang.php
        • global.lang.php
        • member.lang.php
        • private.lang.php
        • reputation.lang.php
        • showteam.lang.php
      • english.php
    • tasks
      • delayedmoderation.php
      • userpruning.php
    • adminfunctions_templates.php
    • class_core.php
    • class_custommoderation.php
    • class_datacache.php
    • class_moderation.php
    • class_parser.php
    • db_base.php
    • db_mysql.php
    • db_mysqli.php
    • db_pdo.php
    • db_pgsql.php
    • db_sqlite.php
    • functions.php
    • functions_archive.php
    • functions_forumlist.php
    • functions_post.php
    • functions_search.php
    • functions_user.php
  • install
    • resources
      • adminoptions.xml
      • mybb_theme.xml
      • mysql_db_tables.php
      • pgsql_db_tables.php
      • settings.xml
      • sqlite_db_tables.php
      • upgrade2.php
      • upgrade3.php
      • upgrade5.php
      • upgrade12.php
      • upgrade30.php
      • upgrade32.php
      • upgrade33.php
    • index.php
  • jscripts
    • sceditor
      • editor_plugins
        • bbcode.js
        • format.js
        • undo.js
        • xhtml.js
        • jquery.sceditor.bbcode.min.js
        • jquery.sceditor.default.min.css
        • jquery.sceditor.min.js
        • jquery.sceditor.xhtml.min.js
  • contact.php
  • forumdisplay.php
  • global.php
  • managegroup.php
  • member.php
  • misc.php
  • modcp.php
  • moderation.php
  • newreply.php
  • newthread.php
  • private.php
  • reputation.php
  • search.php
  • sendthread.php
  • showteam.php
  • showthread.php
  • stats.php
  • usercp.php
  • warnings.php
  • xmlhttp.php

Language Changes

There are changes to 12 language files. Changed languages files can be cross-referenced from the list above.

Template Changes

There are changes to 9 templates.

  • codebuttons
  • modcp
  • postbit_attachments_images_image
  • postbit_attachments_thumbnails_thumbnail
  • private_advanced_search
  • private_send_tracking
  • reputation
  • usercp_profile_contact_fields
  • usercp_profile_customtitle

Edit this page on GitHub