Security

WHMCS is the leading web hosting automation platform. Handling signups, provisioning, billing and support. They also provide loginshare module to integrate third party Helpdesk like Kayako. Recently they released a security patch for Kayako Loginshare module and it is highly recommended to apply this patch. Only Kayako loginshare users need to apply this patch. This …

WHMCS Kayako Loginshare Security Patch Read More »

vePortal Security Warning As recently BurstNET announced that they were closing the services as of July 25th 2014, there is little or no more chance for the active development for vePortal. It is highly recommended to find the alternative control panel in place of vePortal. There are many root level security vulnerabilities present in vePortal, …

vePortal Security Warning – Alternative for vePortal Read More »

WordPress 4.7.3 is now available. This is a security release for all previous versions and it is strongly encouraged you to update your sites immediately. All previous WordPress versions contain critical security issues. Upgrading to latest version is recommended. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media …

WordPress 4.7.3 Security and Maintenance Release Read More »

NextGEN Gallery is one f widely used WordPress plugins. As per the statastics available in WordPress plugin directory, this plugin was downloaded more than 1+ million times. That means, this plugin should be used on large number of WordPress installation. Researcher found a critical SQL injection vulnerability in NextGEN Gallery plugin. This vulnerability allows an …

Critical SQL Injection Vulnerability Found in NextGEN Gallery Read More »

CloudLinux is widely used operating system by web hosts. It provides better server security as well as server stability. CloudLinux also provides multiple PHP version selection. This allows end users to select appropriate PHP version for their accounts. They are also providing security updates for PHP versions which were discontinued by PHP community. Recently they …

CloudLinux HardenedPHP updated Read More »

CloudLinux 6 OpenSSL Security Update CloudLinux is widely used by shared hosting provider and it provides isolated environment for each user. An update for CloudLinux was just released to address the widely publicized OpenSSL “Heartbleed” vulnerability and it is recommended that you update as soon as possible. How to upgrade it? You will need to login …

CloudLinux 6 OpenSSL Security Update Read More »

WordPress 4.5.3 is now available. This is a security release for all previous version and it is strongly recommended to upgrade your WordPress installation to latest version. WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, two different XSS problems via attachment names, revision history information disclosure, oEmbed …

WordPress 4.5.3 Maintenance and Security Release Read More »

CloudFlare protects and accelerates website using their CDN networks. Once you enable CloudFlare for your website, all your traffic is routed to their global networks. CloudFlare can be integrated with cPanel and they also provide cPanel plugin. A critical symlink attack vulnerability was detected in CloudFlare cPanel plugin version 5.3.2. This vulnerability may exist in …

CloudFlare cPanel plugin Vulnerability Read More »

The Joomla security team have just released a new version of Joomla to patch a critical remote command execution vulnerability that affects all versions from 1.5 to 3.4. This is a serious vulnerability that can be easily exploited and is already in the wild. If you are using Joomla, you have to update it right …

Critical 0-day Remote Command Execution Vulnerability in Joomla Read More »