bugster

Having the same problem trying to enter check number and I get the validation error

Maybe they should send out 2 separate advisories for the different version. I was in such a hurry to patch my install so I didn't get hacked again I didn't realize it was 2 different versions. I just saw .13 and .14 and logically thought they both needed to be installed. Restoring from backup now.

yep, exactly. I can see in the activitylog table where theyuploaded the files that they used to access the database and the config file. This is the first time that I've had a problem with whmcs being hacked but it is enough for me to start looking for alternatives. I spent most of today resetting passwords and sending out notices to customers, not fun.

Just got my first notice of one of my customers credit cards being used fraudulently. This really sucks!!!

I submitted my logs and the scripts to whmcs. Haven't heard back from them yet but I see someone else posted that there is another exploit for whmcs, no details

I guess it is possible that they had already uploaded files that allowed them to upload more. There was a script called sec.php uploaded right before the update and then sql.php was upload after the update. I changed my admin username and password when I did the update so I don't think they had that. Still hoping to hear back from whmcs, so far I've received a canned response about cleaning up after being compromised but nothing about if they know about security flaws in the current version.

Hello, I curious if anyone else has been hacked while running 5.2.10. I was yesterday but the hack started before I upgraded so I'm not sure if it is a hole in 5.2.10 or 5.2.8. One of the files that were uploaded did happen after the upgrade so I'm thinking 5.2.10 still has a security hole in it. Something is allowing hackers to upload files to the download folder.

The license reset happened monday then I patched yesterday and the tables where deleted today. The files in the download folder were dated 10/20 10/21 and 10/23 So it did start with 5.2.8

Yep, the got me too. Deleted my clients table and my activity log table. Look like they changed the cc_encryption key in my configuration file as well.

My 5.2.10 installation just got hacked. It started with my license key getting reset and then today they deleted my clients table. Check your downloads folder for php scripts that was how they got me I think. I've opened a ticket with whmcs but haven't heard from them yet.

I recently upgraded to version 4 and just realized this is happening. Has anything been added to stop this from happening?

I have the same problem. I didn't see anything in the documentation

Hello, I'm trying to move the whmcs db to a different server. I do a backup using whmcs and then try importing it using the mysql command. I keep getting an error: ERROR 1292 <22007> at line 8764: Incorrect date value: ' ' for column 'duedate' at row 1 My backup file is over 11mb so finding the problem is a little tricky and I've searched for 'duedate' in the file and can't even find a mention of it. Any help would be appreciated. I'm just glad I found the problem now and not when I needed to restore from a crash. I'm using ver 3.6.2 Thanks, Brian

In the general tab of the client under actions there is a Generate Due Invoices link. That should do it.

#2 and #4 in your list has caused me problems as well. as for #2 I've tried having the registrar setup in the domain pricing and not setup in domain pricing and it didn't auto renew either way #4 just had a customer do this. So basically it means you have to check every renewal notice and make sure to remove the auto generated invoice which causes confusion for the customer. Anyone have suggestions on how to handle these problems?