Log in or Sign up

COMMUNITY ALERT WHMCS 5.2.10 SQL INJECTION EXPLOIT WARNING!

Discussion in 'Web Hosting' started by MyBB Hoster, Oct 24, 2013.

MyBB Hoster Active Member

Messages:

64

Likes Received:

3

Best Answers:

0

Trophy Points:

78

#1

While there is no patch for it yet. I advise you hosting company's to disable your WHMCS till a patch is released. Localhost has released another exploit. Have a great day people. I hope you get this message.

Regards,
Mike

MyBB Hoster, Oct 24, 2013 IP
ufshane Well-Known Member Affiliate Manager

Messages:

538

Likes Received:

29

Best Answers:

2

Trophy Points:

195

#2

They are on this one already http://blog.whmcs.com/?t=80587 but luckily you can disable mass payments to prevent any issues

As you may be aware, a security issue has been published within the last hour which allows for information disclosure.

We are aware of the issue and are investigating it, and will be issuing a fix for this issue along with any others we discover during our targeted investigation shortly. In the meantime disabling the Mass Payment feature voids the immediate threat.

You can do this by de-selecting the "Enable Mass Payment" checkbox in Setup > General Settings > Invoices and saving.

Please watch our blog, facebook and twitter feeds to receive the latest updates.
Click to expand...

ufshane, Oct 24, 2013 IP

(You must log in or sign up to reply here.)