No-Server

Hello everyone, once again there is a exploit around. Shut down your installations. I don't want to spread the link, but same place as last time. Confirm if you know the link. Tested with latest WHMCS version. Any MySQL queries can be run using the exploit.

On the other thread they mentioned it could work with every version. But no one knows for sure yet.

I've not tested it. The guy who found it explicit wrote 5.2.7.

Screenshot to not spread the kiddy-ready-exploit-python-file. **EXPLOIT REMOVED** Doesn't look too good! - - - Updated - - - Just for the information: It was posted about 20-30 minutes ago from this time. - - - Updated - - - You should take your complete WHMCS installation offline for now. For the not-so-technical people: It allows you to run ANY MySQL statement on your installation. So yes, you can fetch everything from the database you want to.

Great Idea turning private messages off as a developer... - Does this module provision the REAL Paysafecard API? Or is it using a third party payment gateway for paysafecards?

Hey, in former addons we used global $db_host,$db_username,$db_password,$db_name; mysql_connect($db_host,$db_username,$db_password); which does not work anymore? What do we use now? Or is that still working? Edit: To share the answer: replace the global part with

Nice try. Oh well... I don't even want to know on how many system this still works. I can garuantee not everyone upgraded.

They are great. Paul is a friendly guy and the integrations are well done.

As I said. Never got a reply to it, except automatic ones. Then after some days the Ticket got auto-closed. Too bad we couldn't chargeback the money.

GG-Webhosting is a horrible company, with horrible service and horrible customer treatment. Please think twice before you place a order with them. They want you to sign stuff for a 5€ product. Refunds are generally not possible and support tickets stay unanswered, all you get is automatic replies. Don't buy their ****. Rather pay someone else to code this for less money and without paying monthly. That's what we did. We hope you enjoy the money James, you must really need it.

Way to expensive. Sounds like a joke to me. If you post this on freelancer.com you find someone from india doing it for 30$ for you.

logactivity ("I can log!");

This should be added to the documentation Edit: Also added it to all the other things like _Create... etc. and now everything works correct again and it doesn't show weird errors like 'ID not found' anymore! Thanks!

Thanks, works great

Why would it be incorrect. It is getting the correct values from the db so I guess it isn't incorrect. Also, I am not even using mysql_real_escape_string here.