{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-01-14T02:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://forum.whmcs.com/showthread.php?t=43462"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5061", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://forum.whmcs.com/showthread.php?t=43462", "refsource": "CONFIRM", "url": "http://forum.whmcs.com/showthread.php?t=43462"}, {"name": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35", "refsource": "CONFIRM", "url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:23:39.902Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://forum.whmcs.com/showthread.php?t=43462"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5061", "datePublished": "2012-01-14T02:00:00Z", "dateReserved": "2012-01-13T00:00:00Z", "dateUpdated": "2024-09-16T21:56:43.364Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2AD4B2D-E964-44CA-8876-99B90FF3115F", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CBF47C26-16E7-4FF6-8C32-7E613DFC6C5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D0BE2826-A35D-439D-B698-0E48CF78950D", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "65E22213-2656-4A6E-93DF-82FCFF6A757B", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C0DC052-A1F6-4A64-8760-5F43F0662017", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA985700-B7B0-4D21-BEA2-B4B528AB3224", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "457D9958-4918-4B13-8755-53E30E20DA8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*", "matchCriteriaId": "6F06C120-8FB8-405C-BCA1-165E1220E41F", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*", "matchCriteriaId": "1DC4003A-3291-404B-A611-AE5ECB653A51", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*", "matchCriteriaId": "E2D1C1E4-8DFB-4C6F-AC4C-B1AFDFB08905", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7B2828A-2760-4833-B598-B577367C2641", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7020787-BDD3-4F06-A7F1-C96D30287346", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1EB7AEF-3CB2-445C-95E7-D75113E096DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AE649BF1-1D8D-4130-BE24-1B9296B97B6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD91F12-FE2B-48C5-AA65-B951E4F865C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "BAC98C21-371D-4272-A4D6-4BCB579F4987", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "04294CF0-08F0-4068-AA90-989EB01DCCE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F45FA57-BEDF-4F57-A21D-A43063C081AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD5B5029-B552-4361-9076-62E54BE1D85E", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "69F15D66-C989-401C-A679-F89D15988BAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D6A1799-FA7B-47D4-9CCF-1CE2EA78C821", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "2CD5FD3F-DABD-4BC5-9633-6A2F3AD82CD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5578A70D-E13F-416F-A749-58A0E64A5A91", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field."}, {"lang": "es", "value": "functions.php en WHMCompleteSolution (WHMCS) en v4.0.x hasta v5.0.x permite a atacantes remotos provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el sistema de plantillas Smarty mediante el env\u00edo de un ticket manipulado, relacionados con el manejo inadecuado de los caracteres en el campo subject."}], "id": "CVE-2011-5061", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-01-14T03:57:27.180", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://forum.whmcs.com/showthread.php?t=43462"}, {"source": "cve@mitre.org", "url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://forum.whmcs.com/showthread.php?t=43462"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}