Bravo List

Bravo List (http://www.bvlist.com/index.php)
-   Community Cafe (http://www.bvlist.com/forumdisplay.php?f=18)
-   -   danger in the WHMCS code (http://www.bvlist.com/showthread.php?t=9554)

joeroberts 5th October 2013 13:21
danger in the WHMCS code
 
any one using this code you are in danger of outsiders gaining access to you sites admin panel and all info in is.
this can be done from the basic users account by simply changing there name to a unsterilized text and it well change there name to all admins
username
email
password

Please watch you sites logs for users changing there names to a sql query.

I wont show the code that was used for safty resons but I have tested it on 2 Version
of the code and was able to retrieve both sites admin info.

x360zone 5th October 2013 17:05
hi
 
yes where upgrading the whmcs. 5.2.8 later today


All times are GMT +2. The time now is 16:11.

Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.