This is a potential security issue, you are being redirected to http://nvd.nist.gov
Last updated: 9/1/2015 3:56:45 AM
CVE Publication rate: 20.23
NVD provides four mailing lists to the public. For information and subscription instructions please visit
NVD Mailing Lists
** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap CVE-2011-5061, but that it "says it affects V5.0.3, and the submitticket.php file, both of which are wrong."
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to email@example.com.
submitticket.php en WHMCompleteSolution (WHMCS) v5.03 permite a atacantes remotos ejecutar código arbitrario en un campo subject a través de datos de entrada manipulados, una vulnerabilidad diferente a CVE-2011-5061.
** DISPUTADA ** submitticket.php en WHMCompleteSolution (WHMCS) 5.03 permite a atacantes remotos inyectar código arbitrario en un campo subject a través de datos de ticket manipulados, una vulnerabilidad diferente a CVE-2011-5061. NOTA: el proveedor disputa este problema, anota que algunos de los detalles solapan el CVE-2011-5061, pero que "dice que afecta V5.0.3, y el fichero submitticket.php, ambos siendo erróneos."
& Privacy Statement / Security Notice
Send comments or suggestions to firstname.lastname@example.org
NIST is an Agency of the U.S. Department of Commerce
Full vulnerability listing