With our security in mind, bringing you a secured and encrypted connection to our Billing System, we are glad to inform you that without downtime, we have patched and upgraded our Billing System to latest version.

WHMCS has released a new version of the 4.5 series and 5.1 series. These updates provide targeted changes to address security concerns with the WHMCS product.

The following issue had been addressed and patched:

Security Issue Information

The 4.5 series update addresses a vulnerability that can permit a malicious user to decieve a WHMCS installation into crediting a payment that is sent to a PayPal account other than the account configured within that WHMCS installation. The 5.x series is unaffected by this vulnerability. It is only possible to exploit this vulnerability if the paypal module has been activated.

The rating for this vulnerability is: important

The 4.5 and 5.1 series update addresses a vulnerability that can permit a malicious user to inject SQL via the Google Checkout module. This only becomes possible to exploit if the Google Checkout module has been activated within the WHMCS installation and so non Google Checkout users are not at risk from this.

The rating for this vulnerability is: critical

Have a nice day ahead!


Tuesday, December 18, 2012







« Back