CVE-2011-5061

Published Jan 14, 2012

Last updated 13 years ago

Overview

Description: functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2AD4B2D-E964-44CA-8876-99B90FF3115F"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBF47C26-16E7-4FF6-8C32-7E613DFC6C5F"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0BE2826-A35D-439D-B698-0E48CF78950D"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65E22213-2656-4A6E-93DF-82FCFF6A757B"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C0DC052-A1F6-4A64-8760-5F43F0662017"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA985700-B7B0-4D21-BEA2-B4B528AB3224"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "457D9958-4918-4B13-8755-53E30E20DA8F"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F06C120-8FB8-405C-BCA1-165E1220E41F"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DC4003A-3291-404B-A611-AE5ECB653A51"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2D1C1E4-8DFB-4C6F-AC4C-B1AFDFB08905"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7B2828A-2760-4833-B598-B577367C2641"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7020787-BDD3-4F06-A7F1-C96D30287346"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1EB7AEF-3CB2-445C-95E7-D75113E096DB"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE649BF1-1D8D-4130-BE24-1B9296B97B6A"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDD91F12-FE2B-48C5-AA65-B951E4F865C4"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAC98C21-371D-4272-A4D6-4BCB579F4987"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04294CF0-08F0-4068-AA90-989EB01DCCE6"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F45FA57-BEDF-4F57-A21D-A43063C081AD"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD5B5029-B552-4361-9076-62E54BE1D85E"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69F15D66-C989-401C-A679-F89D15988BAB"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D6A1799-FA7B-47D4-9CCF-1CE2EA78C821"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CD5FD3F-DABD-4BC5-9633-6A2F3AD82CD3"
          },
          {
            "criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5578A70D-E13F-416F-A749-58A0E64A5A91"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References