For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Whmcs 5.2.7 sqli injection
04-12-2017, 11:43 AM,
Post: #51
RE: Whmcs 5.2.7 sqli injection
(10-07-2013, 05:24 AM)Codefire Wrote:

WHMCS 5.2.7 SQLI INJECTION
So, Friends and Enemies :p here is the Lastest Vulnerability Leaked in Black Hackers Market for WHMCS

Vulnerability Effects:

/includes/dbfunctions.php:

Quote:<?php
function update_query($table, $array, $where) {
#[...]
if (substr($value, 0, 11) == 'AES_ENCRYPT') {
$query .= $value.',';
continue;
}
#[...]
$result = mysql_query($query, $whmcsmysql);
}
?>


and download exploit from following link Exploit in python:


Exploit in php:


Register a new user on a target WHMCS install (/register.php)
and edit the exploit with site name, email and password.

ENJOY!!!! ::happy::
Quote
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
05-28-2017, 11:49 AM,
Post: #52
RE: Whmcs 5.2.7 sqli injection
Disable Smilies: disable smilies from showing in this post.
Quote
05-30-2017, 09:54 AM,
Post: #53
RE: Whmcs 5.2.7 sqli injection
(10-07-2013, 05:24 AM)Codefire Wrote:
WHMCS 5.2.7 SQLI INJECTION


So, Friends and Enemies :p here is the Lastest Vulnerability Leaked in Black Hackers Market for WHMCS

Vulnerability Effects:

/includes/dbfunctions.php:

Quote:<?php
function update_query($table, $array, $where) {
   #[...]
   if (substr($value, 0, 11) == 'AES_ENCRYPT') {
       $query .= $value.',';
       continue;
   }
   #[...]
   $result = mysql_query($query, $whmcsmysql);
}
?>


and download exploit from following link  Exploit in python:
 

Exploit in php:
 

Register a new user on a target WHMCS install (/register.php)
 and edit the exploit with site name, email and password.

ENJOY!!!! ::happy::
Quote
06-20-2017, 03:58 PM,
Post: #54
RE: Whmcs 5.2.7 sqli injection
Thanks a lot for sharing - i will check it out
Quote
10-22-2017, 07:21 AM,
Post: #55
RE: Whmcs 5.2.7 sqli injection
thank you for share man
Quote
01-10-2018, 04:41 PM,
Post: #56
RE: Whmcs 5.2.7 sqli injection
let me check this tgzzzzzzzzzzzzzz
Quote
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
01-28-2018, 03:30 PM,
Post: #57
RE: Whmcs 5.2.7 sqli injection
Thanksssssssssssssssssssssssssssssssss
Quote
03-30-2019, 05:34 AM,
Post: #58
RE: Whmcs 5.2.7 sqli injection
hey, good share. thanks a lot
Quote
7 hours ago,
Post: #59
RE: Whmcs 5.2.7 sqli injection
nice share thanks your
Quote


Possibly Related Threads...
Thread Author Replies Views Last Post
MyBB Ajaxfs v2 Plugin - SQL Injection Vulnerability Mr.HacKer 7 7,910 04-14-2019, 07:36 PM
Last Post: robinback
WHMCS 0day Auto Exploiter &lt;= 5.2.8 by g00n Team Xploiters Codefire 71 56,769 03-29-2019, 08:04 AM
Last Post: ibrahimcheik
Inferno vBShout &lt;= 2.5.2 SQL Injection Vulnerability Codefire 2 4,493 02-25-2019, 08:08 PM
Last Post: Nevermind
Joomla SQL Injection 2017 JK-EXPLOITER 0 2,671 07-28-2017, 12:40 PM
Last Post: JK-EXPLOITER
vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability Codefire 1 3,912 01-30-2016, 10:40 PM
Last Post: bl4ck
WHMCS 5.x Authentication Bypass Vulnerability Pratham 9 8,378 11-27-2015, 10:50 AM
Last Post: koles
WordPress plugin cardoza-ajax-search 1.1 sql injection Pratham 0 2,975 04-06-2013, 05:41 PM
Last Post: Pratham

Forum Jump:


Users browsing this thread: 1 Guest(s)
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp


All rights reserved © 2012-2015 OffensiveCommunity, Designed at WallBB Co Uk
Powered By MyBB, © 2002-2020 MyBB Group.