1. peterw

    New PHP exploit CVE-2012-1823

    PHP 5.x Remote Code Execution Exploit available since 2013-10-29. Usage found in logs since 2013-11-04. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign)...
  2. drmike

    WHMCS exploit involving Stripe payments?

    Someone sent me something this morning... They have ongoing fraud/hack situation involving WHMCS and Stripe payments. The hack involves generated credit cards that seem to get through Stripe as valid. The orders are identifiable as certain fields in the account info are ALL CAPS. So far the...
  3. Aldryic C'boas

    New WHMCS Exploit tl;dr - A rather gaping security hole in WHMCS.  I've taken ours offline - strongly suggest other providers do the same.
  4. MannDude

    Is WHMCS next to be exploited?

    From here: Everyone should be on high alert. EDIT 1: This was posted on LEB
  5. Magiobiwan

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    Well, looks like CVPS has also fallen victim to the latest SolusVM Exploit. Given their CP page anyways.  Take a look for yourself! Someone posted this on LET, but nobody had posted here. YET. EDIT: TO COMMENT ON THIS THREAD PLEASE VISIT PART 2...
  6. drmike

    SolusVM Exploit - Who got hit?

    So aside from board favorite RamNode, who else fell victim to the SolusVM exploit? Anyone noticed other low end or even high end providers that were victimized?
  7. MannDude

    Important Security Alert -- SolusVM

    Not much details available about this just yet, other than news saying you should patch.
  8. George_Fusioned

    SolusVM Vulnerability Quick fix: remove/chmod 000 centralbackup.php from your master's /usr/local/solusvm/www/ folder. (Thanks Patrick)