Jump to content

Targeted by hackings

rowl3y

By rowl3y
in Using WHMCS

 Share

Recommended Posts

rowl3y Junior Member

rowl3y

Posted
Posted

Hi,

 

Please help .. I keep getting people sign up then trying to change there info & looks like its a slq script ..

 

I don't look like they are getting access but keep getting them 5 times a day

 

looks like this

 

Client Profile Modified - First Name: 'go' to 'Andri', Last Name: 'Team' to 'Cyber4rt', Company Name: ' testing ' to ' DMASTERPIECE ', Address 1: 'dm' to 'AES_ENCRYPT(1,1), address1= (SELECT MIN(username) FROM tbladmins)', Address 2: 'dm' to 'AES_ENCRYPT(1,1), address2= (SELECT MIN(password) FROM tbladmins)', Postcode: '404403' to 'dm', Default Payment Method: '' to ''

0
Link to comment
Share on other sites
  • WHMCS Support Manager
WHMCS John Senior Member

WHMCS John

Posted
  • WHMCS Support Manager
Posted

Hi,

This appears to be an attempt to exploit a known security concern in old - End of Life - versions of WHMCS.

Provided you were running WHMCS v5.2.8 or above at the time these changes were made you are perfectly safe and the client can just be deleted.

 

You can read more about this in our blog post from the time: http://blog.whmcs.com/?t=79527

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept