mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
804 B
804 B
CVE-2013-3536
Description
SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter.
POC
Reference
- http://packetstormsecurity.com/files/121046/WHMCS-Grouppay-1.5-SQL-Injection.html
- http://packetstormsecurity.com/files/121046/WHMCS-Grouppay-1.5-SQL-Injection.html
Github
No PoCs found on GitHub currently.