We have become aware of a security issue that exists in the third party Boleto
module included in WHMCS releases. This can potentially be used to exploit a
WHMCS installation.
If you do not use the Boleto module, then the quickest and easiest solution is
to simply delete the /modules/gateways/boleto/ folder entirely after which you
will not be at risk.
Alternatively if you do use the module, you can download and apply the patch to
your installation here: http://www.whmcs.com/members/dl.php?type=d&id=138
This issue affects all WHMCS versions.
If you have any questions or need any assistance, please do not hesitate to
contact us. We apologize for the inconvenience.
Kind Regards,
The WHMCS Team
www.whmcs.com
View the announcement on our website here to confirm authenticity:
http://forum.whmcs.com/showthread.php?60646-WHMCS-Security-Alert
Copyright (c) 2012 WHMCS Limited, All rights reserved.
Suite 17 Linford Forum
Rockingham Drive
Milton Keynes
MK14 6LY
多谢分享