A few days ago, a zero-day SQL injection vulnerability in WHMCS was disclosed by localhost.re, along with the exploit code. It was quickly patched by the WHCMS team and rated as critical since it allows an attacker full access to the database hosting WHMCS:
The vulnerability allows an attacker, who has valid login to the installed product, to craft a SQL Injection Attack via a specific URL query parameter against any product page that updates database information. Creating a valid login is very easy and allowed by default through the registration page.
WHMCS is very popular amongst hosts, and if you use it, you need to update/patch it ASAP!
Photography is not just about taking pictures—it’s about presenting them beautifully. For photographers and creative bloggers, WordPress photo gallery plugins…
Festivals are more than cultural celebrations—they’re golden opportunities for e-commerce stores and bloggers to attract, engage, and convert audiences. During…
If you’re new to web hosting, the idea of moving your website from one provider to another might sound intimidating.…
WooCommerce powers over 5 million online stores, and its true potential comes alive with plugins that enhance functionality. The right…
When you first launch a WordPress website, it comes with a theme that controls how your site looks and feels.…
