Hostbill 4.6 severe Security Vulnerability

 

Hostbill 4.6 has severe security vulnerability and it allows someone to dump entire database and download it. This allows attackers to gain sensitive information including credit card details. The root cause of this vulnerability is “/includes/cpupdate.php” file. A patch has been released by Hostbill to address this security vulnerability. It can be downloaded from the following:

WHMCS Complete Billing and Support

https://hostbillapp.com/clientarea/patches/hostbill_patch4.6.0_4324.zip

It is strongly recommend you immediately apply this patch.

Posted in Web Hosting.

Leave a Reply

Your email address will not be published. Required fields are marked *