CVE-2017-6513

Published: Mar 11, 2017Modified: May 13, 2026

9.9

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.1 / Impact: 6.0

Source: NVD

Description

The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.

Affected (1)

Products: Softaculous: Whmcs Reseller Module

Softaculous

1 product

Whmcs Reseller Module

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Softaculous Whmcs Reseller Module	Version 2.0.2

Running on/with	Platform Versions
Softaculous Virtualizor	Up to 2.9.0.6

Related CWEs

CWE-275

References (4)

http://www.virtualizor.com/blog/?p=1551

Source: cve@mitre.org

PatchVendor Advisory

https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7

Source: cve@mitre.org

http://www.virtualizor.com/blog/?p=1551

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.