Remote Code Execution in WHMCS Reseller Module V2 2.0.2

Remote Code Execution in WHMCS Reseller Module V2 2.0.2

CVE-2017-6513 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.

Learn more about our User Device Pen Test.