WHMCS Won't Tell You About What The Vulnerability Is, But Will Say "Patch ASAP!"

Dec 01, 2022 @ 4:14 pm

WHMCS released new versions for both 8.5.x and 8.6.x to address unspecified security issues.

“All earlier versions of WHMCS are unaffected,” according to the blog post. “The issue was reported privately and there is no evidence to suggest it is known publicly. We will not be releasing any further details about the issue at this time.”

Indeed, WHMCS is generally very secretive about their security issues. A comment on that post notes that WHMCS has not issued a CVE since 2012.

WHMCS and cPanel Prices Going Up By... 5%? 10%? Keep Guessing...

7 Steps To Save Your WHMCS Users' Personal Info From the Dark Web

Get Ready to Scan Your Passport If You Want to Buy a VM This Summer

Hostus is Being Appropriately Cautious: Stupid WHMCS Third Party Templates...

My Server Was Getting Constantly Hacked Until I Changed This One Parameter

Will GitHub Ever Remove This Nulled WHMCS Repo?

Author
Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308