Lucene search
K
WhmcsWhmcompletesolution

4 matches found

CVE
CVE
added 2012/01/14 2:0 a.m.68 views

CVE-2012-0693

WHMCS/WHMCompleteSolution 5.03 is affected by CVE-2012-0693: submitticket.php allows remote attackers to inject code into the ticket subject via crafted data, due to improper handling of characters in the subject field. This is a separate issue from CVE-2011-5061. The vendor notes overlap with CV...

5CVSS7.2AI score0.01022EPSS
CVE
CVE
added 2012/01/14 2:0 a.m.57 views

CVE-2011-5061

CVE-2011-5061 affects WHMCS (WHMCompleteSolution) 4.0.x–5.0.x. The vulnerability lies in functions.php allowing remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket with weaponized subject data, due to improper handling of characters....

7.5CVSS7.6AI score0.023EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.48 views

CVE-2011-4810

CVE-2011-4810 describes multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x. The issue allows remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php, (2) downloads.php, and via the report parameter to admin/reports.php. ...

5CVSS7.1AI score0.07025EPSS
Web
CVE
CVE
added 2011/12/14 12:0 a.m.46 views

CVE-2011-4813

CVE-2011-4813 affects WHMCompleteSolution (WHMCS) 3.x.x. The vulnerability is a directory traversal in clientarea.php, exploitable via an invalid action and a ../ in the templatefile parameter, allowing read of arbitrary files. The connected sources confirm the affected software and the root caus...

5CVSS6.9AI score0.03287EPSS