WHMCS – Admin Application Links CSRF Vulnerability

January 27, 2016 - by RACK911 Labs

Product Description:

WHMCS is an all-in-one client management, billing & support solution for online businesses. Handling everything from signup to termination, WHMCS is a powerful business automation tool that puts you firmly in control.

Vulnerability Discussion:

Due to a CSRF vulnerability within the “Application Links” feature in the admin panel of WHMCS, it is possible for a malicious user to make unauthorized changes. For example, it would be possible to change the WHMCS Single Sign-On links within cPanel to display any text they wanted which could cause alarm for unsuspecting hosting users.

Vendor Contact Timeline:

2015-12-10: Vendor contacted via “Bug Bounty” program.
2016-01-20: Vendor confirms vulnerability.
2016-01-26: Vendor issues update.
2016-01-27: RACK911 Labs issues security advisory.

About Us:

https://www.RACK911Labs.com

RACK911 Labs
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119

1-855-RACK911