There is an inofficial exploitfix on www.infopop.com for the file ubb.inc.php
Code
// security fix from www.ubbcentral.com/boards/showflat.php/Cat/0/Number/40981/an/0/page/0#40981<br />@explode_data();<br />$Cat = get_input("Cat","get");<br />if (preg_match("/[^\d,]/", $Cat)){<br />$timea = getmicrotime();<br />$html = new html;<br />$html -> not_right("The script has received a malformed URL.");<br />}
If you apply this, the newspal.php have a malfunction. You are no longer able to click links. the $cat seems to bee empty and this result in a broken link with ...//... and a missing cat number.
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.