CVE-2011-4810

CVE-2011-4810 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.

Learn more about our Web Application Penetration Testing UK.