Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0693

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0693
Last Modified 23 Apr 2012 12:00:00
Published 13 Jan 2012 10:57:27
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0693

Summary

** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap CVE-2011-5061, but that it "says it affects V5.0.3, and the submitticket.php file, both of which are wrong."

Vulnerable Systems

Application

  • Whmcs Whmcompletesolution 5.03


References

MISC - http://www.oscommerceuniversity.com/lounge/index.php/topic,1209.0.html

MISC - http://www.oscommerceuniversity.com/lounge/index.php/board,23.0.html


Last Updated: 27 May 2016 10:57:19