CVE-2011-4810
Published Dec 14, 2011
Last updated 13 years ago
Overview
- Description
- Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAE9844C-3100-4156-B2AB-0943AFE1B54C"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2AD4B2D-E964-44CA-8876-99B90FF3115F"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBF47C26-16E7-4FF6-8C32-7E613DFC6C5F"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0BE2826-A35D-439D-B698-0E48CF78950D"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65E22213-2656-4A6E-93DF-82FCFF6A757B"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C0DC052-A1F6-4A64-8760-5F43F0662017"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA985700-B7B0-4D21-BEA2-B4B528AB3224"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "457D9958-4918-4B13-8755-53E30E20DA8F"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F06C120-8FB8-405C-BCA1-165E1220E41F"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DC4003A-3291-404B-A611-AE5ECB653A51"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2D1C1E4-8DFB-4C6F-AC4C-B1AFDFB08905"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7B2828A-2760-4833-B598-B577367C2641"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7020787-BDD3-4F06-A7F1-C96D30287346"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1EB7AEF-3CB2-445C-95E7-D75113E096DB"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE649BF1-1D8D-4130-BE24-1B9296B97B6A"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDD91F12-FE2B-48C5-AA65-B951E4F865C4"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BAC98C21-371D-4272-A4D6-4BCB579F4987"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04294CF0-08F0-4068-AA90-989EB01DCCE6"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F45FA57-BEDF-4F57-A21D-A43063C081AD"
},
{
"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD5B5029-B552-4361-9076-62E54BE1D85E"
}
],
"operator": "OR"
}
]
}
]