Back to Blog Posts

WHMCS Security Alert

By Matt / October 5th, 2012

We have become aware of a security issue that exists in the third party Boleto module included in WHMCS releases. This can potentially be used to exploit a WHMCS installation.

If you do not use the Boleto module, then the quickest and easiest solution is to simply delete the /modules/gateways/boleto/ folder entirely after which you will not be at risk.

Alternatively if you do use the module, you can download and apply the patch to your installation here:

This issue affects all WHMCS versions.

If you have any questions or need any assistance, please do not hesitate to contact us. We apologize for the inconvenience.

Liked this article? Share it