WHMCS Security Advisory: 5.2.7
GoodHosting
Member
Hello,
This is just a friendly warning to anyone still running WHMCS 5.2.7; many users are still trying this exploit. It is imperative that you update your system to 5.2.8 immediately if you are still running a version that has not been patched for this exploit.
What's affected?
- All WHMCS installations of version 5.2.7, possibly earlier versions too.
Signs of Exploit
- Users changing their profile details frequently.
- Any user profile or sub-user entry containing SQL-like values.
- Any attempts to use {php} or similar Smarty tags in all of WHMCS.
- Users attempting to access "crafted" URLs in your installation.
- Users being caught by mod_security's rules.
Solution (fix)
- Upgrade your WHMCS installation to the latest stable 5.2.8
Regards,
HardCloud
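The signs listed in the post above, turned into a small detection sketch (an added example, not part of the original post and not WHMCS code). It scans a constructed export of profile-change records for SQL-like values, Smarty tags and unusually frequent changes; the record layout, the pattern set and the threshold are assumptions to adapt locally.

```python
import re
from collections import Counter

# Heuristic patterns (assumed, tune locally): SQL-like fragments and Smarty tags.
SQL_LIKE = re.compile(
    r"AES_(?:EN|DE)CRYPT\s*\(|\bUNION\s+(?:ALL\s+)?SELECT\b|\bSELECT\b.+\bFROM\b"
    r"|\bINSERT\s+INTO\b|\bUPDATE\s+\w+\s+SET\b|\bDELETE\s+FROM\b",
    re.IGNORECASE,
)
SMARTY_TAG = re.compile(r"\{\s*/?\s*(?:php|include_php|eval)\b", re.IGNORECASE)
MAX_CHANGES = 3  # assumed threshold for "changing profile details frequently"

# Constructed sample: one row per profile change (hypothetical export format).
CHANGES = [
    {"userid": 101, "field": "address1", "value": "12 Union Street"},
    {"userid": 102, "field": "firstname", "value": "AES_ENCRYPT(1,1)"},
    {"userid": 102, "field": "firstname", "value": "Bob"},
    {"userid": 102, "field": "lastname", "value": "Smith"},
    {"userid": 102, "field": "firstname", "value": "Robert"},
    {"userid": 103, "field": "companyname", "value": "{php}echo 1;{/php}"},
    {"userid": 104, "field": "lastname", "value": "Select"},
]


def scan_changes(changes, max_changes=MAX_CHANGES):
    """Return (userid, field, reason) tuples for records matching the signs."""
    findings = []
    per_user = Counter()
    for row in changes:
        per_user[row["userid"]] += 1
        value = row["value"]
        if SQL_LIKE.search(value):
            findings.append((row["userid"], row["field"], "sql-like value"))
        if SMARTY_TAG.search(value):
            findings.append((row["userid"], row["field"], "smarty tag"))
    # Flag accounts whose number of profile changes exceeds the threshold.
    for userid, count in sorted(per_user.items()):
        if count > max_changes:
            findings.append((userid, "*", f"{count} profile changes"))
    return findings


if __name__ == "__main__":
    for userid, field, reason in scan_changes(CHANGES):
        print(f"user {userid}: {field}: {reason}")
```

Ordinary values such as "12 Union Street" or the surname "Select" are not flagged, because the patterns require SQL structure rather than a single keyword.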
Comments
Oh god... It's like you want that target to stay on your back so bad...
Hello @fcfc, @jack
You'd think, but I've still found live systems (among the offers) running versions known to be quite old and exploitable. I wish everyone would keep their software up to date, and this is just yet another thread where I'd like people to realize that.
We were never victim to this, luckily enough; but I know people who were, and they've yet to fully recover.
Have you been running the script then?..
There has been enough exposure of this topic I can't see the need to have another topic.
As to why we need another topic for the same thing is beyond me.
http://lowendtalk.com/discussion/14347/whmcs-5-2-7-vulnerability/p1
I think this thread is different; many people don't know about this (e.g. frequent name changes with AES_Encrypt code).