VYPR
Unrated severityNVD Advisory· Published Jan 14, 2012· Updated Jun 16, 2026

CVE-2011-5061

CVE-2011-5061

Description

functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.

Affected products

24
  • cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*+ 23 more
    • cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:*:*:*:*:*:*:*
    • (no CPE)range: 4.0.x - 5.0.x

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.

CVE-2011-5061 · VYPR