cbcvebase.
CVE-2011-5061
published 2012-01-14

CVE-2011-5061: functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by…

PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.30%
81.1th percentile
functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.

Affected

21 ranges
VendorProductVersion rangeFixed in
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
whmcswhmcompletesolution
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.