CVE-2010-1702
WHMCS 4.2 - SQL Injection via submitticket.php deptid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-1702. PoCs published by Islam DefenDers.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in WHMCS control panel (WHMCompleteSolution) via the 'deptid' parameter in submitticket.php. The PoC uses a UNION-based SQLi to extract data from the 'tbltickets' and 'tbladmins' tables.
Description
SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in WHMCS control panel (WHMCompleteSolution) via the 'deptid' parameter in submitticket.php. The PoC uses a UNION-based SQLi to extract data from the 'tbltickets' and 'tbladmins' tables.