Lucene search

[email protected]NVD:CVE-2011-4810

HistoryDec 14, 2011 - 12:55 a.m.

CVE-2011-4810

2011-12-1400:55:19

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.008

Percentile

81.4%

JSON

Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.

Affected configurations

Nvd

Node

whmcswhmcompletesolutionMatch3.0.0

whmcswhmcompletesolutionMatch4.0.0

whmcswhmcompletesolutionMatch4.0.1

whmcswhmcompletesolutionMatch4.0.2

whmcswhmcompletesolutionMatch4.1.0

whmcswhmcompletesolutionMatch4.1.1

whmcswhmcompletesolutionMatch4.1.2

whmcswhmcompletesolutionMatch4.2.0

whmcswhmcompletesolutionMatch4.2.0beta_r1

whmcswhmcompletesolutionMatch4.2.0beta_r2

whmcswhmcompletesolutionMatch4.2.0beta_r3

whmcswhmcompletesolutionMatch4.2.1

whmcswhmcompletesolutionMatch4.3.0

whmcswhmcompletesolutionMatch4.3.1

whmcswhmcompletesolutionMatch4.4.0

whmcswhmcompletesolutionMatch4.4.1

whmcswhmcompletesolutionMatch4.4.2

whmcswhmcompletesolutionMatch4.5.0

whmcswhmcompletesolutionMatch4.5.1

whmcswhmcompletesolutionMatch4.5.2

VendorProductVersionCPE
whmcswhmcompletesolution3.0.0cpe:2.3:a:whmcs:whmcompletesolution:3.0.0:*:*:*:*:*:*:*
whmcswhmcompletesolution4.0.0cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*
whmcswhmcompletesolution4.0.1cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*
whmcswhmcompletesolution4.0.2cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*
whmcswhmcompletesolution4.1.0cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*
whmcswhmcompletesolution4.1.1cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*
whmcswhmcompletesolution4.1.2cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*
whmcswhmcompletesolution4.2.0cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*
whmcswhmcompletesolution4.2.0cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*
whmcswhmcompletesolution4.2.0cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*

Vendor	Product	Version	CPE
whmcs	whmcompletesolution	3.0.0	cpe:2.3:a:whmcs:whmcompletesolution:3.0.0:::::::*
whmcs	whmcompletesolution	4.0.0	cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:::::::*
whmcs	whmcompletesolution	4.0.1	cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:::::::*
whmcs	whmcompletesolution	4.0.2	cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:::::::*
whmcs	whmcompletesolution	4.1.0	cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:::::::*
whmcs	whmcompletesolution	4.1.1	cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:::::::*
whmcs	whmcompletesolution	4.1.2	cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:::::::*
whmcs	whmcompletesolution	4.2.0	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:::::::*
whmcs	whmcompletesolution	4.2.0	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1::::::
whmcs	whmcompletesolution	4.2.0	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2::::::