Unrated severityNVD Advisory· Published Jan 14, 2012· Updated Jun 16, 2026
CVE-2011-5061
CVE-2011-5061
Description
functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.
Affected products
24cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:*:*:*:*:*:*:*
- (no CPE)range: 4.0.x - 5.0.x
Patches
Vulnerability mechanics
References
2- forum.whmcs.com/showthread.phpnvdPatchVendor Advisory
- www.webhostingtalk.com/showpost.phpnvd
News mentions
0No linked articles in our index yet.