 

WHMCS v5.2.10 and v5.1.12 released to address some vulnerabilities

Started by Kailash, October 21, 2013, 10:59:48 AM



Kailash

WHMCS has released a patch to address the following vulnerabilities that existed in the previous version:

Security Issue Information

These changes resolve security issues identified by public disclosure. The following security issues have been addressed within the latest patches:
- Missing Cross Site Request Forgery Token checks for certain operations related to Product Bundles and Product Configuration
- SQL Injection viable due to improper validation of expected numeric data
- Enforce privilege boundaries for particular ticket actions


Important Fix Information

These changes also include important functional fixes that were produced from previous security patches:
- SQL error in getting ticket departments (5.1 only)
- Mass mail client filter excluding users set to default language
- Admin clients list displaying multiple instances of the same record in certain conditions
- Prevent user input from manipulating IP Ban logic (5.2 only)

The following versions have addressed the above:

v5.2.10
v5.1.12

Make sure that you apply the patch as soon as possible.

Regards,

Kailash
