PusatHosting
Hosting Guru
Sekedar info barangkali ada yang belum tahu,
WHMCS Security Advisory PayPal (v4.5) and Google Checkout (All Versions)
www.whmcs.com
WHMCS has released a new version of the 4.5 series and 5.1 series. These updates
provide targeted changes to address security concerns with the WHMCS product.
You are highly encouraged to update immediately.
== Releases ==
The following WHMCS versions address all known vulnerabilities:
> 4.5.3 for the 4.5 series
> 5.1.3 for the 5.1 series
The latest public releases of WHMCS are available inside our members area @
www.whmcs.com/members/clientarea.php
== Security Issue Information ==
The 4.5 series update addresses a vulnerability that can permit a malicious user
to decieve a WHMCS installation into crediting a payment that is sent to a
PayPal account other than the account configured within that WHMCS installation.
The 5.x series is unaffected by this vulnerability. It is only possible to
exploit this vulnerability if the paypal module has been activated.
The rating for this vulnerability is: important
The 4.5 and 5.1 series update addresses a vulnerability that can permit a
malicious user to inject SQL via the Google Checkout module. This only becomes
possible to exploit if the Google Checkout module has been activated within the
WHMCS installation and so non Google Checkout users are not at risk from this.
WHMCS Security Advisory PayPal (v4.5) and Google Checkout (All Versions)
www.whmcs.com
WHMCS has released a new version of the 4.5 series and 5.1 series. These updates
provide targeted changes to address security concerns with the WHMCS product.
You are highly encouraged to update immediately.
== Releases ==
The following WHMCS versions address all known vulnerabilities:
> 4.5.3 for the 4.5 series
> 5.1.3 for the 5.1 series
The latest public releases of WHMCS are available inside our members area @
www.whmcs.com/members/clientarea.php
== Security Issue Information ==
The 4.5 series update addresses a vulnerability that can permit a malicious user
to decieve a WHMCS installation into crediting a payment that is sent to a
PayPal account other than the account configured within that WHMCS installation.
The 5.x series is unaffected by this vulnerability. It is only possible to
exploit this vulnerability if the paypal module has been activated.
The rating for this vulnerability is: important
The 4.5 and 5.1 series update addresses a vulnerability that can permit a
malicious user to inject SQL via the Google Checkout module. This only becomes
possible to exploit if the Google Checkout module has been activated within the
WHMCS installation and so non Google Checkout users are not at risk from this.
