WHMCS Group Pay Plugin 'hash' Parameter SQL Injection Vulnerability

Bugtraq ID:	58751
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 02 2013 12:00AM
Updated:	Apr 02 2013 12:00AM
Credit:	HJauditing Employee Tim
Vulnerable:
Not Vulnerable:

WHMCS Group Pay Plugin 'hash' Parameter SQL Injection Vulnerability

Group Pay plugin for WHMCS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Group Pay 1.5 is vulnerable; other versions may also be affected.

WHMCS Group Pay Plugin 'hash' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI are available:

http://www.example.com/grouppay.php?hash=%hash%' and '1'='1

WHMCS Group Pay Plugin 'hash' Parameter SQL Injection Vulnerability

Solution:
Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.

WHMCS Group Pay Plugin 'hash' Parameter SQL Injection Vulnerability

References:

• WHMCS Homepage (WHMCS )