amuck-landowner

Yet again.. another WHMCS advisory is out.

TruvisT

Server Management Specialist
Verified Provider
*sigh*

This month has been killer. One hole after another in so many services.

/patch_mode.
 
Last edited by a moderator:

SkylarM

Well-Known Member
Verified Provider
What's concerning is how long it took for emails to get out about it. I had already updated and a few hours went past before my email arrived.

At least they are fixing it, but man so many exploits!
 

SeriesN

Active Member
Verified Provider
The Targeted Security Release and Patch updates for 4.5, 5.0, and 5.1 resolve an issue of unsanitized information being used in a SQL query. Using a crafted URL, an attacker could perform an SQL Injection.
The Targeted Security Release and Patch update for 5.2 addresses a security enhancement regression discovered in 5.2.3 and 5.2.4. This regression is not related to the itemized vulnerability mentioned for 4.5, 5.0, and 5.1. The regression was identified internally and is not a candidate for public disclosure.
So 5.2 was actually fine. Please tell me why you are still running older version and complaining about bugs again?
 

TruvisT

Server Management Specialist
Verified Provider
So 5.2 was actually fine. Please tell me why you are still running older version and complaining about bugs again?
5.2 had some random bugs when it first came out, so we stuck with 5.1 in the mean time till 5.2 had everything worked out. :)
 
Last edited by a moderator:

shovenose

New Member
Verified Provider
Yeah, 5.2.4 has been stable for us, except for some broken stuff in the client area do to some custom template work I'm not going to bother updating yet because a new ShoveHost site is in the works anyway.
 

jarland

The ocean is digital
They just has to throw out the magical words "SQL injection." Considering that the new popular thing for us the last 2 weeks seems to be attempting injection via presales ticket...
 

KuJoe

Well-Known Member
Verified Provider
I would much rather have a new patch every other week than a price increase every month. ;)
 

jhadley

New Member
Verified Provider
Got this as well. Glad I moved away. Coincidentally, the Blesta V3 beta has just been released which is definitely worth a look.
 

Enterprisevpssolutions

Article Submitter
Verified Provider
Definitely worth looking at. I just wish that someone would come up with migration tool for moving from say Hostbill or Whmcs to Besta  ;)
 
Top
amuck-landowner