Dear WHMCS User,
It has been brought to our attention that at some time during the days following the recent release of WHMCS V3.5.1, an unauthorised user managed to gain access to our server through an Apache exploit and was able to add a number of files into the WHMCS V3.5.1 Full Version download available from our client area. The files added were shell scripts which could potentially be used to exploit the server should the functions used not be blocked.
There is a chance that you may have downloaded V3.5.1 at the time when the files were present and so may have inadvertently uploaded them to your server. As a precaution we are asking all customers to check for, and remove, the following files if they are found to be present in your WHMCS folders:
admin/editor/plugins/advlink/langs/eng.php
admin/editor/plugins/insertdatetime/editor_plugin.php
admin/editor/plugins/zoom/editor_plugin.php
modules/reports/server_revenue_tasks.php
modules/servers/interworx/interworx_data.php
NOTE: If you used our professional upgrade or installation services to have WHMCS installed or upgraded by us then you will NOT have been affected.
We have taken action to ensure a breach like this does not occur again and apologize for any inconvenience caused. We would also like to point out that this was not a security problem with WHMCS. I would ask that if you have any concerns or questions, please email
support@whmcs.com