9.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.6%
SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter.
packetstormsecurity.com/files/121046/WHMCS-Grouppay-1.5-SQL-Injection.html
secunia.com/advisories/52804
www.osvdb.org/91980
www.exploit-db.com/exploits/24934