SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and previous versions for WHMCS allows remote malicious users to execute arbitrary SQL commands via the hash parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
whmcs group_pay |