
HostBill 4.6 Database Dump (Patch it!)

Reece-DM

New Member
Verified Provider
Hi,

I'm shocked there hasn't been much coverage on this over here, but anyhow:

HostBill 4.6 has a severe security vulnerability, and it allows someone to dump the entire database and download it. This allows attackers to gain sensitive information including credit card details. The root cause of this vulnerability is
 

netnub

New Member
I know 25 companies who have been hacked using this, 1000s if not 10,000s of customers' info taken. I know the sites and have anonymously reported it.
 

Reece-DM

New Member
Verified Provider
Good thing it was quickly patched, can give them a high five for that.

Though it would seem that the PHP eval exploit that was rolling about last year could be executed via other means in HB.

Let's hope for their damn stupid pricing they actually sort it.
 

SPINIKR-RO

New Member
Verified Provider
Just to be clear,

This is the one issued last Wednesday afternoon.

If you make a post like this, be sure to mention when it is from; with the lack of detail, it looks as if you are posting about a new issue. I would say it got coverage pretty well, and was patched very fast.
 