Yesterday WHMCS released an announcement that there was a security vulnerability with the Google Checkout module in the 5.0 – 5.1.2 versions of WHMCS. This vulnerability can permit a malicious user to inject SQL via the Google Checkout module.
As we like to take a proactive approach and protect our clients as much as possible, any time we receive security announcements for WHMCS we will patch these for our customers. To ease this process yesterday I went ahead and wrote a linux bash script to take care of this with ease. The script will download the ZIP patch file from WHMCS, and extract the files to a specified directory.
You can find the script under my collection of scripts on GitHub:
Here’s an example of commands you would want to run:
Download script file from GitHub
CHMOD file as executable
chmod +x patchwhmcsgc
View Usage Information
Patch WHMCS Installation /home/myuser/public_html