+--------------------------------------------------------------------------------+ | MyBB 1.2.10 - Avatar Vulnerability Patch File | | (c) 2007 MyBB Group. | | | | This patch file fixes a security vulnerability issue in MyBB 1.2.10 | | | | Please follow the instructions documented to manually patch your board. | +--------------------------------------------------------------------------------+ ================= 1. inc/functions_upload.php ================= Find: -- $img_dimensions = @getimagesize($mybb->settings['avataruploadpath']."/".$filename); if(!is_array($img_dimensions)) { -- Under it add: -- @unlink($mybb->settings['avataruploadpath']."/".$filename); -- Find: -- if($img_dimensions[2] != $img_type || $img_type == 0) { -- Under it add: -- @unlink($mybb->settings['avataruploadpath']."/".$filename); -- ===================== DONE =====================