JUN 27 2018

How to install SUPEE-10752 without SSH

June 27, 2018: SUPEE-10752 version released with fixes that help close authenticated Admin user remote code execution (RCE), cross-site request forgery (CSRF) and other vulnerabilities.
If you have SSH access, it would be more simple to apply the patch via SSH. If you have no SSH access to apply the patch you still can apply the patch via FTP/sFTP upload as shown in this article.

If you wish to save time and have us to install these patches for you, simply click here to order patch installation.

Preparations

Applying Magento patches via FTP/sFTP or FileManager / File Upload

To apply patches in this way we simply replace changed files. This way can not be used blindly if you or your developers have changed any core Magento files (which is a big no-no, by the way). Such changes should be re-applied to patched files, or you loose these changes.

The following files are changed by SUPEE-10752 (v1 for 1.9.3.8 released on June 27, 2018):

app/code/core/Mage/Admin/Model/User.php
app/code/core/Mage/Adminhtml/Block/Catalog/Product/Composite/Fieldset/Options.php
app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Options/Option.php
app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Datetime.php
app/code/core/Mage/Adminhtml/Model/LayoutUpdate/Validator.php
app/code/core/Mage/Adminhtml/controllers/Catalog/CategoryController.php
app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
app/code/core/Mage/Adminhtml/controllers/Cms/Wysiwyg/ImagesController.php
app/code/core/Mage/Adminhtml/controllers/Cms/WysiwygController.php
app/code/core/Mage/Adminhtml/controllers/CustomerController.php
app/code/core/Mage/Adminhtml/controllers/System/StoreController.php
app/code/core/Mage/Catalog/Model/Product.php
app/code/core/Mage/Catalog/Model/Resource/Category/Tree.php
app/code/core/Mage/Checkout/Model/Api/Resource/Customer.php
app/code/core/Mage/Checkout/Model/Type/Onepage.php
app/code/core/Mage/Checkout/controllers/CartController.php
app/code/core/Mage/Core/Helper/Http.php
app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
app/code/core/Mage/Customer/Helper/Data.php
app/code/core/Mage/Customer/Model/Resource/Customer.php
app/code/core/Mage/Customer/controllers/AccountController.php
app/code/core/Mage/Log/Model/Visitor.php
app/code/core/Mage/Usa/Helper/Data.php
app/code/core/Mage/Usa/Model/Shipping/Carrier/Abstract/Backend/Abstract.php
app/code/core/Mage/Usa/Model/Shipping/Carrier/Ups/Backend/Freemethod.php
app/code/core/Mage/Usa/Model/Shipping/Carrier/Ups/Backend/OriginShipment.php
app/code/core/Mage/Usa/Model/Shipping/Carrier/Ups/Backend/Type.php
app/code/core/Mage/Usa/etc/system.xml
app/code/core/Zend/Filter/PregReplace.php
app/code/core/Zend/Validate/EmailAddress.php
app/design/adminhtml/default/default/template/bundle/product/edit/bundle/option.phtml
app/design/adminhtml/default/default/template/system/shipping/ups.phtml
app/design/frontend/base/default/template/downloadable/catalog/product/links.phtml
app/design/frontend/base/default/template/downloadable/checkout/cart/item/default.phtml
app/design/frontend/base/default/template/downloadable/checkout/onepage/review/item.phtml
app/design/frontend/base/default/template/downloadable/sales/order/items/renderer/downloadable.phtml
app/design/frontend/default/iphone/template/downloadable/checkout/cart/item/default.phtml
app/design/frontend/default/iphone/template/downloadable/checkout/onepage/review/item.phtml
app/design/frontend/rwd/default/template/downloadable/checkout/cart/item/default.phtml
app/design/frontend/rwd/default/template/downloadable/checkout/onepage/review/item.phtml
app/design/frontend/rwd/default/template/downloadable/sales/order/items/renderer/downloadable.phtml
app/locale/en_US/Mage_Catalog.csv
app/locale/en_US/Mage_Usa.csv
cron.php
js/tiny_mce/plugins/media/.htaccess
lib/Varien/Image/Adapter/Gd2.php
To install the patch via FTP/File Upload
  • select patch bundle archive corresponding to your Magento version from the table below and unpack it
  • upload all files and folders to Magento root directory of your store, replacing all files
Warning: As SUPEE-10752 depends on SUPEE-10570v2, we also provide zip bundle for both versions (SUPEE-10570v2+SUPEE-10752), so you can install it at once.
Magento versionSUPEE-10752SUPEE-10570v2+SUPEE-10752
Magento 1.9.3.8SUPEE-10752-1.9.3.8SUPEE-10570v2+SUPEE-10752-1.9.3.8
Magento 1.9.3.7SUPEE-10752-1.9.3.7SUPEE-10570v2+SUPEE-10752-1.9.3.7
Magento 1.9.3.6SUPEE-10752-1.9.3.6SUPEE-10570v2+SUPEE-10752-1.9.3.6
Magento 1.9.3.4SUPEE-10752-1.9.3.4SUPEE-10570v2+SUPEE-10752-1.9.3.4
Magento 1.9.3.3SUPEE-10752-1.9.3.3SUPEE-10570v2+SUPEE-10752-1.9.3.3
Magento 1.9.3.2SUPEE-10752-1.9.3.2SUPEE-10570v2+SUPEE-10752-1.9.3.2
Magento 1.9.3.1SUPEE-10752-1.9.3.1SUPEE-10570v2+SUPEE-10752-1.9.3.1
Magento 1.9.3.0SUPEE-10752-1.9.3.0SUPEE-10570v2+SUPEE-10752-1.9.3.0
Magento 1.9.2.4SUPEE-10752-1.9.2.4SUPEE-10570v2+SUPEE-10752-1.9.2.4
Magento 1.9.2.3SUPEE-10752-1.9.2.3SUPEE-10570v2+SUPEE-10752-1.9.2.3
Magento 1.9.2.2SUPEE-10752-1.9.2.2SUPEE-10570v2+SUPEE-10752-1.9.2.2
Magento 1.9.2.1SUPEE-10752-1.9.2.1SUPEE-10570v2+SUPEE-10752-1.9.2.1
Magento 1.9.2.0SUPEE-10752-1.9.2.0SUPEE-10570v2+SUPEE-10752-1.9.2.0
Magento 1.9.1.1SUPEE-10752-1.9.1.1SUPEE-10570v2+SUPEE-10752-1.9.1.1
Magento 1.9.1.0SUPEE-10752-1.9.1.0SUPEE-10570v2+SUPEE-10752-1.9.1.0
Magento 1.8.1.0SUPEE-10752-1.8.1.0SUPEE-10570v2+SUPEE-10752-1.8.1.0
Magento 1.7.0.2SUPEE-10752-1.7.0.2SUPEE-10570v2+SUPEE-10752-1.7.0.2

Downloads for other versions added to table on demand when we patch certain version via file upload for the first time.

Verification and flush of PHP opcode cache

Test that your store is working. If you use PHP opcode caches (APC/XCache/eAccelerator) make sure to flush it after patching (or restart webserver), otherwise code will continue to run from caches.

Known issues



If you have any difficulties with applying the patches please let us know in comments, so we can find the solution together.

Posted in: Magento Maintenance

How to install SUPEE-10752 without SSH
2 votes, 5.00 avg. rating (94% score)
  • Omar

    Please upload for 1.9.1.0

  • Marek Lesisz

    Can not download any file

    • Denis

      use vpn

  • Piers

    Hi,
    I am getting a 404 on the following files:
    SUPEE-10570v2+SUPEE-10752-1.9.1.1 and SUPEE-10570v2+SUPEE-10752-1.9.1.0
    Any chance of fixing the link?
    Thanks in advance,
    Piers

  • Alexander Shenson

    Hi,
    Same here, as in previous comment. Getting 404 for SUPEE-10570v2+SUPEE-10752-1.9.1.
    Please fix the link.
    Thanks in advance,