Vulnerability Details CVE-2011-4810
Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.8%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2011-4810
-
cpe:2.3:a:whmcs:whmcompletesolution:3.0.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.2.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.2.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.3.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.3.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.2