+ Reply to Thread
Results 1 to 4 of 4

Bookmark and Share

  1. #1
    Surpass Fan Comfy Contributor
    Points: 8,240, Level: 27
    Level completed: 15%, Points required for next Level: 510
    Overall activity: 0%
    Achievements:
    Veteran5000 Experience Points
    psfrog's Avatar
    Member since
    Jun 2004
    Location
    Sweden
    posts
    282
    Points
    8,240
    Level
    27
    Thanks
    50
    Thanked 38 times

    Exclamation WHMCS - Security Vulnerability

    An SQL injection vulnerability has been discovered where a variable is being incorrectly sanitized.
    It's described here: WHMCS V4.0.2 Patch Released - WHMCS Forums

    You should upgrade to the latest version asap - the upgrade is a simple replacement of some files - it doesn't require any database-upgrade or installation.
    :: Have a great day! /Erik at http://www.psychofrog.se and http://www.manufrog.com ::
    Server: Muy and Dedicated

  2. This user thanks psfrog for this great post!

    Roxy (June 22nd, 2009)

  3. #2
    Mark
    Guest
    Thank you for the Heads up Erik

  4. #3
    Surpass Fan Comfy Contributor
    Points: 8,240, Level: 27
    Level completed: 15%, Points required for next Level: 510
    Overall activity: 0%
    Achievements:
    Veteran5000 Experience Points
    psfrog's Avatar
    Member since
    Jun 2004
    Location
    Sweden
    posts
    282
    Points
    8,240
    Level
    27
    Thanks
    50
    Thanked 38 times
    A new security issue has been discovered today.

    More info here: http://forum.whmcs.com/showthread.php?t=43462

    WHMCS has released patches for it and it's just a single file to update to keep Your WHMCS safe.
    :: Have a great day! /Erik at http://www.psychofrog.se and http://www.manufrog.com ::
    Server: Muy and Dedicated

  5. These users thank psfrog for this great post!

    David (January 6th, 2012)

  6. #4
    Yabadabadoo Super #1
    Points: 10,005, Level: 30
    Level completed: 10%, Points required for next Level: 545
    Overall activity: 99.4%
    Achievements:
    VeteranOverdrive10000 Experience Points
    Geoff's Avatar
    Member since
    Nov 2004
    Location
    B.C., Canada
    posts
    1,135
    Points
    10,005
    Level
    30
    Thanks
    9
    Thanked 43 times
    Quote Originally Posted by psfrog View Post
    A new security issue has been discovered today.

    More info here: http://forum.whmcs.com/showthread.php?t=43462

    WHMCS has released patches for it and it's just a single file to update to keep Your WHMCS safe.
    This is definitely a crucial update... i see these attacks in my email every day despite not being vulnerable. That said... There is a good chance that you would never even know you were comprised if you dont know what to look for. The popular injection code ive been seeing is really good at cleaning up after itself...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

     

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may edit your posts