CVE-2011-4810 Information

Description

Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php and (3) the report parameter to admin/reports.php.

Reference

http://www.exploit-db.com/exploits/18088