The UBB.threads development team has identified a serious exploit that can allow a standard user to obtain elevated permissions on UBB.threads forums and upload malicious files.

To protect yourself from the vulnerability, patches must be immediately applied if you are running version 7.3 and later. Patches for each version are now available for download in the member’s area of UBBCentral.com:

https://www.ubbcentral.com/members/members.php

To apply the patch upload the files provided in the patch to the appropriate directories in the UBB.threads installation on your server, overwriting the existing files.

Special thanks to Sirdude, gliderdad, Ruben and Gizmo for their assistance.

EDIT - never mind - I downloaded the wrong folder

No full upgrade, just upload the files over the old ones.....

Patched.

Thanks.

Patched our board a few min ago, Thanks!

And thanks to our "identifying sites" for allowing us all to parade through their logs and test patches .

For those of you who had me install the patches for you, you're set, patched as issues where discovered. For those whom I provided DATA on HOW to patch, you'll need to apply the patch from the members area.

I downloaded 12-ubbthreads-7-5-6p1 (I have ver. 7.5.6) - Do I upload the _MACOSX Directory? (I don't have one now)

Bill

I dont see a _MACOSX Directory. There should be 4 directories: admin, languages, libs, and scripts

No, it's for MacOSX servers only

The _MACOSX can be ignored, we updated the downloads so it's not there anymore....