Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormSajibe KantiPACKETSTORM:179094
HistoryJun 14, 2024 - 12:00 a.m.

Premium Support Tickets For WHMCS 1.2.10 Cross Site Scripting

2024-06-1400:00:00
Sajibe Kanti
packetstormsecurity.com
72
whmcs
modulesgarden
cross site scripting
reflected xss
vulnerability
exploit
javascript code

7.4 High

AI Score

Confidence

Low

JSON
`Exploit Title: Premium Support Tickets For WHMCS Reflected XSS  
Exploit Author: Sajibe Kanti  
Vendor: ModulesGarden  
Vendor Homepage:  
https://www.modulesgarden.com/products/whmcs/premium-support-tickets  
Product Name: Premium Support Tickets For WHMCS  
Product Version: v1.2.10  
Tested Version: WHMCS 8.10.1  
Tested on: Windows 10  
Vulnerabilities Discovered Date: 29/04/2024  
  
Description:  
The Premium Support Tickets For WHMCS plugin by ModulesGarden is vulnerable  
to a reflected cross-site scripting (XSS) attack. This vulnerability allows  
an attacker to inject malicious JavaScript code into the "error&msg="  
parameter of the submitticket.php page, leading to the execution of  
arbitrary code in the context of the victim's browser.  
  
  
Proof of Concept (POC):  
1. Identify a website that utilizes the Premium Support Tickets For WHMCS  
plugin by ModulesGarden.  
2. Navigate to the ticket submission page (submitticket.php).  
3. Select any department to open a new ticket.  
4. If you lack support credit points, you will receive an error message  
with the parameter "error&msg=clientarea_message_cantcreateinthisdept".  
5. Inject your payload into the "error&msg=" parameter.  
6. Construct the following URL with your payload:  
  
https://example.com/submitticket.php?PremiumSupportTickets=error&msg=%22/%3E%3CsvG%20onLoad=alert(/xss/)%3E  
7. Replace the payload with your desired XSS payload:  
"<svg/onLoad=alert(/OPENBUGBOUNTY/)>"  
8. Visit the modified URL in your browser.  
9. Observe the XSS popup indicating successful exploitation of the  
vulnerability.  
  
  
Impact:  
Successful exploitation of this vulnerability could allow an attacker to  
execute arbitrary JavaScript code in the context of an authenticated user's  
browser session. This could lead to various attacks, including but not  
limited to:  
  
- Theft of sensitive information (session cookies, credentials, etc.)  
- Phishing attacks targeting users of the affected WHMCS instance  
- Defacement of the website or redirection to malicious content  
- Browser-based attacks such as keylogging or screen capturing  
  
Note: This exploit is for educational purposes only. Unauthorized access to  
or modification of systems is illegal and unethical. Always obtain proper  
authorization before testing or exploiting vulnerabilities.  
`

7.4 High

AI Score

Confidence

Low

JSON