Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote malicious users to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
whmcs whmcompletesolution 4.1.2 |
||
whmcs whmcompletesolution 4.2.1 |
||
whmcs whmcompletesolution 4.3.1 |
||
whmcs whmcompletesolution 4.4.1 |
||
whmcs whmcompletesolution 4.5.0 |
||
whmcs whmcompletesolution 4.0.0 |
||
whmcs whmcompletesolution 4.0.1 |
||
whmcs whmcompletesolution 4.0.2 |
||
whmcs whmcompletesolution 4.1.0 |
||
whmcs whmcompletesolution 4.5.1 |
||
whmcs whmcompletesolution 4.5.2 |
||
whmcs whmcompletesolution 3.0.0 |
||
whmcs whmcompletesolution 4.2.0 |
||
whmcs whmcompletesolution 4.3.0 |
||
whmcs whmcompletesolution 4.1.1 |
||
whmcs whmcompletesolution 4.4.0 |
||
whmcs whmcompletesolution 4.4.2 |