WHMCS 5.2.10 exploit

[el_makong]

saya blom sempet update dari 5.2.9 nih....kna juga gak yaaaaa

 

[susan]

untuk yg pakai modsec, berikut rule utk pencegahan, dari forum sebelah:

# WHMCS 5.2.10
# [url]http://www.webhostingtalk.com/showpost.php?p=8889014&postcount=39[/url]
SecRule REQUEST_URI|ARGS|REQUEST_BODY "invoiceids" \
  "id:1001002, \
   phase:4, \
   t:urlDecodeUni,t:htmlEntityDecode,t:hexDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase, \
   log,deny, \
   msg:'WHMCS v5.3.10 JIT patch - Rack911'"

SecRule REQUEST_URI|ARGS|REQUEST_BODY "invoiceids" \
  "id:1001003, \
   phase:4, \
   t:urlDecodeUni,t:htmlEntityDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase, \
   log,deny, \
   msg:'WHMCS v5.3.10 JIT patch - Rack911'"

 

[INDTEAM]

Announcement aja path gak beres terus + dbfunstion

 

[arifptm]

kenapa begini.. sering banget sih ada kaya gitu..takut juga nih lama2

 

[hostguin]

Ayo pada di patch http://blog.whmcs.com/?t=80615

 

[sinji]

Ayo pada di patch http://blog.whmcs.com/?t=80615

barusan buka whmcs langsung keluar patchnya

 

[hostguin]

UPDATE: We've identified a missing file for 5.2.11 and 5.1.13 zips. We will be updating this post again with another revision with the complete change set. Thank you for you patience."

 

[atriumhosting]

UPDATE: We've identified a missing file for 5.2.11 and 5.1.13 zips. We will be updating this post again with another revision with the complete change set. Thank you for you patience."

gubrak.... pantes versi abis patch ga berubah

tolong bang hostguin update terbaru di info kesini ya ...

 

[hostguin]

v5.2.12 http://blog.whmcs.com/?t=80615

 

[mustafaramadhan]

Cepat benar updatenya.

Dalam sebulanan ini dari .7 ke .12 (ada 5 update) dan semuanya terkait 'security'.