Categories: Security

WHMCS released new updates for all supported versions !!!!

WHMCS has released new updates for all supported versions of WHMCS. These updates contain changes that address security concerns within the WHMCS product.

We strongly encourage you to update your WHMCS installations as soon as possible.

WHMCS has rated these updates as having important and critical security impacts. Information on security ratings can be found at

http://docs.whmcs.com/Security_Levels

Releases
Please update your installation to the one of the following versions:

v5.1.14
v5.2.13

Patches –

Incremental patches can be downloaded by following the provided links below. These patch sets contain only the files that have changed between the previous release and this update. The previous release version that these patch sets are designed for is clearly indicated as the first and smaller number.

Do not attempt to apply an incremental patch set to an installation that is running a different version than the indicated version. Doing so will result in a “Down for Maintenance” message and require you to use the full release to complete the upgrade.

Incremental patches do not require any update process. Simply apply the changed files to the existing WHMCS installation.

The following incremental patches are available for direct download:

5.1.13 –> 5.1.14 http://go.whmcs.com/274/v5113_incremental_to_v5114_patch
MD5 Checksum: 6a6045dffbe7d43b3ff294e4acd87cfa

5.2.12 –> 5.2.13 http://go.whmcs.com/278/v5212_incremental_to_v5213_patch
MD5 Checksum: 94347dd8f6776b1e5a53fb3b65ce2a16

To apply a patch set release, download the files as indicated above. Then follow the upgrade instructions for a “Patch Set” which can be found at http://docs.whmcs.com/Upgrading#For_a_Patch_Set

Full Release – What is a Full Release?

A full release distribution contains all the files of a WHMCS product installation. It can be used to perform a new install or update an existing installation (regardless of previous version).

The latest full release can always be downloaded from our members area at https://www.whmcs.com/members

5.2.13 – Downloadable from the WHMCS Members Area
MD5 Checksum: 2f6e51fc8a2ecd5c67dc28f87eb35cf5

To apply a full release, download the files as indicated above. Then follow the upgrade instructions for a “Full Release Version” which can be found at http://docs.whmcs.com/Upgrading#For_a_Full_Release_Version

Important Maintenance Issue Information
This Advisory provides resolution for the following important maintenance issues:

Case 2989 – Downgrade orders failing when no payment due
Case 3325 – Credit card processing fails with weekly retries enabled
Case 3467 – API GetClientsAddons fails on certain conditions
Case 3471 – Unable to download ticket attachments from first ticket message
Case 3515 – Add tilde to valid character list of redirect path
Case 3528 – Updated Smarty to latest 2.6.28 release
Case 3545 – Project Management settings redirect on save fails
Case 3482 – Improve default currency logic
Case 3641 – Allow MaxMind Service Type selection

Security Issue Information

This Advisory provides resolution for several security issues, one of which was publicly disclosed. Specific information regarding that issue can be found below.

All other resolved issues were identified by the WHMCS development team and independent researchers. There is no reason to believe that these vulnerabilities have been made known to the public. As such, WHMCS will only release limited information about the vulnerabilities at this time.

Once sufficient time has passed, WHMCS will release additional information about the nature of the security issues.

Source : http://blog.whmcs.com/?t=81890


Vishwajit Kale
Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.

Recent Posts

Crafting a Professional Email: Step-by-Step Guide

Due to growing digitalization, Email Communication has become the backbone of professional interactions. Yet, surprisingly, many professionals struggle to craft…

2 days ago

Demystifying SSL: What Every Website Owner Should Know

As the digital landscape continues to evolve, securing your website has never been more crucial. SSL, or Secure Sockets Layer,…

1 week ago

Cyberduck and FileZilla: A Comprehensive Comparison

As a web designer and web developer your experience must have reached to new height, right? Further, you need to…

1 month ago

The Science Behind Social Media Posting Times

In today's digital landscape, timing is everything. Whether you're a social media manager, business owner, or content creator, the success…

1 month ago

Mastering Google Search Console: Tips for New Users

Are you a website owner? Maintaining the website is the prime concern for any website owner. Yes, it’s equally important…

1 month ago