New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
This is an awful idea
Sure. Why not. Don't forget to share
Care to elaborate on why?
Course
Are there any exploits?
If it will become popular, you can be sure there will be attacks against it. The guy after solus and whmcs will probably not publish exploits against them, but I do not know any popular serious piece of code without vulnerabilities in the past.
current version 1.2.6 -no exploits published yet
v 1.2.5 - CSRF attack vector on the mass email page
v1.2.4 a few major security problems which were fixed in 1.25
v 1.2.3- "TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pear/Mail/smtp.php and certain other files. "
http://www.cvedetails.com/cve/CVE-2011-3809/
v1.22 Multiple CSRF Vulnerabilities
http://www.exploit-db.com/exploits/14337/
Every version has had security problems and some of those vulnerabilities were critical. If you look at the dates when the vulnerabilities were first discovered and when they were patched you'll see that some of them weren't patched until months after being discovered...and you're thinking of switching to this from WHMCS?
there is THT Reworked 1.3.10 which is a "fork" of THT with bugfixes and more functions.
The author is also working on "Reworked Manager":