The developers of WHMCS, a popular client management, billing and support application for Web hosting providers, released emergency security updates Thursday to patch a critical vulnerability that was publicly disclosed.
The vulnerability enables attackers to execute SQL injection attacks against WHMCS deployments in order to extract or modify sensitive information from their databases.
U.K.-based WHMCS, released versions 5.2.8 and 5.1.10 of the software to fix the flaw, as well as incremental patches that can be applied manually to older versions without performing a full upgrade.
The SQL injection vulnerability was disclosed Thursday on a blog by an anonymous user who also released proof-of-concept exploit code for it.
To read this article in full or to leave a comment, please click here
No comments:
Post a Comment