Whmcs · Whmcs · CVE-2011-4813
**Name of the Vulnerable Software and Affected Versions**
WHMCS versions 3.x.x
**Description**
A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by providing an invalid action and a ../ (dot dot slash) in the `templatefile` parameter of the clientarea.php file.
**Recommendations**
For WHMCS versions 3.x.x, update to a version that fixes this issue to prevent directory traversal attacks.