RSS Feed
Posted by Steven M. on 28 January 2020 11:38 PM



WHMCS sent us an email advising us of a potential vulnerability.  Therefore, we are writing to advise you of a potential security vulnerability when htaccess directives are not enforced appropriately for WHMCS. This most commonly occurs in web server environments such as nginx.

Affected Versions

WHMCS 6.0 and later

How to tell if you're affected

If the following file is readable from a web browser, then you need to investigate and apply appropriate configurations for your web server environment.
A verification tool has also been made available to assist in determining if your web server environment is affected. This tool can be downloaded here.

Comments (0)
Post a new comment
Full Name: