The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.
References
Link | Resource |
---|---|
http://www.virtualizor.com/blog/?p=1551 | Patch Vendor Advisory |
https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-03-11T06:46:00
Updated: 2017-04-12T03:57:01
Reserved: 2017-03-07T00:00:00
Link: CVE-2017-6513
JSON object: View
NVD Information
Status : Modified
Published: 2017-03-11T06:59:00.243
Modified: 2017-04-13T01:59:01.117
Link: CVE-2017-6513
JSON object: View
Redhat Information
No data.
CWE