Vulnerability Details CVE-2011-4810
Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.08
EPSS Ranking 91.7%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2011-4810
-
cpe:2.3:a:whmcs:whmcompletesolution:3.0.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.0.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.1.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.2.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.2.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.3.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.3.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.4.2
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.0
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.1
-
cpe:2.3:a:whmcs:whmcompletesolution:4.5.2