question on 5.3.9 security

[mvandiermen]

I have only changed the admin address, and added no other security, and I am using 5.3.9 because I have not been notified of a security update after that, so should I theoretically be safe from things like this

Address 1: 'dm' to 'ASS_ENCRYPX(1,1), address1= (SELECT MIN(username) FROM tblxxmins)'

Address 2: 'dm' to 'ASS_ENCRYPX(1,1), address2= (SELECT MIN(password) FROM tblxxmins)'

This change request was submitted from ip-XX-XXX-XXX-X.ip.secureserver.net (97.74.XX.XXX)

 

I have never noticed any successful hacks.

 

It became a monthly job to delete fake invoices, I stated just to leave them they stated appearing less, I tried to install the registration security but have not finished that yet.

 

It's a pity that we have the IP addresses and details of people and robots that do this type of thing to all internet systems, but it's no ones job to stop it.

[zomex]

Hello,

 

These hack attempts are common but as long as you're patched to the latest security version they you'll be fine. I'm unsure what the last secure patch is so i would recommend contacting WHMCS and have them confirm this.

 

Thanks.

[WHMCS John]

Hi,

This appears to be an attempt to exploit a known security concern in old - End of Life - versions of WHMCS.

Provided you were running WHMCS v5.2.8 or above at the time these changes were made you are perfectly safe and the client can just be deleted.

 

You can read more about this in our blog post from the time: http://blog.whmcs.com/?t=79527