Categories: Security

WHMCS SQL Injection Vulnerability !!!

A few days ago, a zero-day SQL injection vulnerability in WHMCS was disclosed by localhost.re, along with the exploit code. It was quickly patched by the WHCMS team and rated as critical since it allows an attacker full access to the database hosting WHMCS:

The vulnerability allows an attacker, who has valid login to the installed product, to craft a SQL Injection Attack via a specific URL query parameter against any product page that updates database information. Creating a valid login is very easy and allowed by default through the registration page.

WHMCS is very popular amongst hosts, and if you use it, you need to update/patch it ASAP!


Vishwajit Kale
Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.

Recent Posts

The Science Behind Social Media Posting Times

In today's digital landscape, timing is everything. Whether you're a social media manager, business owner, or content creator, the success…

7 days ago

Mastering Google Search Console: Tips for New Users

Are you a website owner? Maintaining the website is the prime concern for any website owner. Yes, it’s equally important…

1 week ago

A Comprehensive Guide to Changing and Protecting the WordPress Login URL

If you’ve planned to launch a WordPress website, you might get a question, “How do I log in to WordPress?”…

2 weeks ago

The Ultimate Showdown: Linux vs Windows for VPS Hosting

As the demand for virtual private servers (VPS) continues to grow, businesses and individuals are faced with a crucial decision:…

1 month ago

Questions to Ask Your Web Hosting Support Team

Web hosting is a large industry, as many other factors help any web hosting provider to form a company. The…

1 month ago