WHMCS 5.2.12
25 October 2013
WHMCS version 5.2.12 is now available (security release).
Upgrading to WHMCS 5.2.12
WHMCS 5.2.12 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply WHMCS updates as new versions are released, or use Installatron's Clone feature to duplicate an existing WHMCS install to test the 5.2.12 upgrade prior to applying it live. Get started managing your WHMCS installations with Installatron
What's New in WHMCS 5.2.12
This update provides targeted changes to address security concerns with the WHMCS product. Updating immediately is highly encouraged.
General:
- Improved validation of monetary amounts
- Moneris Vault Gateway compatibility update
- Credit cards not processing under certain conditions
- Correction to internal logic for testing Authorize.net payment gateway
Security:
- Information disclosure via the client area as published by 'localhost'
- HTTP Split Attack discovered by the WHMCS Development Team
- SQL Injection Vulnerability discovered by the WHMCS Development Team
- Privilege boundaries not being enforced on addons reported by Vlad C of NetSec Interative
- Download directory traversal reported privately by an individual
- Lack of input validation in data feeds input discovered by the WHMCS Development Team
- Deficient Null Byte sanitization on input discovered by the WHMCS Development Team