Securing a2billing admin data from customers and agent

In A2billing version below 1.9.4 having security issue in export. In that versions we are able to export “cc_ui_authen” table information using agent login. For example: http://localhost/a2billing/agent/Public/export_csv.php?var_export=menu_section&var_export_type=type_xml&section=SELECT * FROM `cc_ui_authen` This will export all information of admin login. So it's