ClientExec – Content Disclosure Vulnerability

Our friends at Rack911 & HostingSecList have released the following advisory for ClientExec.

ClientExec is a comprehensive and flexible web hosting billing solution that will help you manage and expand your existing base of hosting clients. ClientExec was conceived and built with small to mid-sized hosting companies in mind. ClientExec was built to enable business owners to effectively manage their hosting clients and web hosting billing using one convenient and powerful platform.
Vulnerability Description:

A malicious user can obtain the product details (name / domain) belonging to any other user when they submit a ticket by carefully crafting the request.


We have deemed this vulnerability to be rated as MEDIUM due to the fact that other users information can be obtained.
Vulnerable Version:

This vulnerability was tested against ClientExec v4.6.8.
Fixed Version:

This vulnerability was patched in ClientExec v4.6.9. We thank ClientExec for their commitment to security by providing prompt updates!


If you are a VeeroTech Systems reseller & currently utilize ClientExec, please log into the account management portal and download the latest release found under Support > Downloads.

If the steps above listed in this article do not resolve your issue, please feel free to open a support ticket and we’d be happy to take a look.
Get 50% off for 6 months on all Shared Hosting plans.

Our Guiding Principles

  • Provide consistent, stable, and reliable web hosting services.
  • Ensure rapid ticket response and quick resolutions to issues.
  • Never saturate or over-provision servers to ensure stability and speed for our customers.
  • Use only high-quality enterprise-class hardware to ensure minimal downtime from hardware failures.
  • Provide clear pricing with no hidden fees or gotchas.