# WHMCS Security Patch



## vld (Jul 24, 2013)

A new WHMCS security patch has been released today (v5.26, v5.1.8, v5.0.7 and v4.5.6)

Get it at: http://www.whmcs.com/members/downloads.php?action=displaycat&catid=1

More info: http://blog.whmcs.com/?t=76310


----------



## rds100 (Jul 24, 2013)

I wonder what they break this time. And how many releases with the same version number until they produce something working.


----------



## expertvm (Jul 24, 2013)

Looks like this couple few months is really a pain for all providers. Security issues everywhere.


----------



## Jeffrey (Jul 24, 2013)

What about a patch for 5.2.5?


----------



## expertvm (Jul 24, 2013)

Jeffrey said:


> What about a patch for 5.2.5?


Can't seems to find the patch that I wanted too. So in the end, goes with full package. Painful


----------



## peterw (Jul 24, 2013)

expertvm said:


> Looks like this couple few months is really a pain for all providers. Security issues everywhere.


And a lot of providers that get catched cold. On the SolusVM 0day it was all about luck to be faster than the bad boys.


----------



## Patrick (Jul 24, 2013)

Jeffrey said:


> What about a patch for 5.2.5?


We submitted a ticket about this, useless WHMCS staff said there will be no patch and you have to upload all the files but can exclude template files.


----------



## fapvps (Jul 24, 2013)

Must be some signinicant changes if there is no small patch is released.


----------



## rds100 (Jul 24, 2013)

Yeah, 193 files in the 5.1.8 patch. Mostly in the admin area though.


----------



## Damian (Jul 24, 2013)

Do you guys really have that much modified in your WHMCS install that it's not possible to do an in-place upgrade? We have a huge pile of hooks and addons and had no issue with a full upgrade, I'd imagine that you guys wouldn't either.


----------



## anyNode (Jul 24, 2013)

rds100 said:


> I wonder what they break this time. And how many releases with the same version number until they produce something working.


Orders system broke for a couple providers (Crissic and RamNode), working fine for us though. Skylar from Crissc got it solved by clearing his template_c. Not sure if Nick has.


----------



## Nick_A (Jul 24, 2013)

Yeah, WHMCS had to release multiple builds to get it right, but it's working now.


----------



## SkylarM (Jul 24, 2013)

Damian said:


> Do you guys really have that much modified in your WHMCS install that it's not possible to do an in-place upgrade? We have a huge pile of hooks and addons and had no issue with a full upgrade, I'd imagine that you guys wouldn't either.


All looked fine until you tried placing an order, at least in my case.


----------



## anyNode (Jul 24, 2013)

Glad everyone's up and running now, WHMCS can be a real headache.


----------



## fapvps (Jul 24, 2013)

Update went smoothly here. I like to delete all the previous files and install a fresh copy keeping the database and moving any customizations manually. This way no unneeded files accumulate keeping everything neat.


----------



## BlackoutIsHere (Jul 24, 2013)

anyNode said:


> WHMCS can be a real headache


 +1


----------



## mitgib (Jul 28, 2013)

SkylarM said:


> All looked fine until you tried placing an order, at least in my case.


No problem with orders, but can't see to create new addons from the service page


----------



## Oxide (Jul 29, 2013)

mitgib said:


> No problem with orders, but can't see to create new addons from the service page


Upgrade to 5.2.7 which patches the addon problem.


----------



## mitgib (Jul 29, 2013)

Oxide said:


> Upgrade to 5.2.7 which patches the addon problem.


After a day my support ticket was answered with that, assholes


----------



## SeriesN (Aug 1, 2013)

I guess cpanel did invest a lot in whmcs. All these frequent upgrades and patches makes me feel good .


----------



## MartinD (Aug 1, 2013)

Still can't sort out their versioning though.


----------



## Damian (Aug 1, 2013)

Indeed, they really need to cut off the older versions and concentrate on maintaining a single version. It might alienate some of the companies still using the archaic versions, but gotta move on eventually...


----------



## coreyman (Aug 1, 2013)

Damian said:


> Indeed, they really need to cut off the older versions and concentrate on maintaining a single version. It might alienate some of the companies still using the archaic versions, but gotta move on eventually...


Yea it creates a lot of extra work for their dev team that could be used towards new features.


----------



## KuJoe (Aug 1, 2013)

They actually have EOL dates now, which is really nice since I now have an exact deadline for getting Blesta up and running since 5.2.x scares the bajesus out of me.


----------



## coreyman (Aug 1, 2013)

KuJoe said:


> They actually have EOL dates now, which is really nice since I now have an exact deadline for getting Blesta up and running since 5.2.x scares the bajesus out of me.


Why is it scaring you?


----------



## KuJoe (Aug 1, 2013)

coreyman said:


> Why is it scaring you?


Because of threads like this. I've never had a bad upgrade with WHMCS before but I read about people upgrading 5.2.x and their order forms breaking or they get blank pages or something like that.


----------



## mikho (Aug 5, 2013)

KuJoe said:


> Because of threads like this. I've never had a bad upgrade with WHMCS before but I read about people upgrading 5.2.x and their order forms breaking or they get blank pages or something like that.


Wasn't it because people didn't clear their cache directory? Or some of the cases ?


----------

