Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2012-4547
Disclosure Date: October 31, 2012 (last updated October 05, 2023)
Unspecified vulnerability in awredir.pl in AWStats before 7.1 has unknown impact and attack vectors.
0
Attacker Value
Unknown
CVE-2010-4369
Disclosure Date: December 02, 2010 (last updated October 04, 2023)
Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.
0
Attacker Value
Unknown
CVE-2010-4367
Disclosure Date: December 02, 2010 (last updated October 04, 2023)
awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.
0
Attacker Value
Unknown
CVE-2009-5020
Disclosure Date: December 02, 2010 (last updated October 04, 2023)
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
0
Attacker Value
Unknown
CVE-2010-4368
Disclosure Date: December 02, 2010 (last updated October 04, 2023)
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.
0
Attacker Value
Unknown
CVE-2005-0363
Disclosure Date: May 02, 2005 (last updated February 22, 2025)
awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
0
Attacker Value
Unknown
CVE-2005-0362
Disclosure Date: February 09, 2005 (last updated February 22, 2025)
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
0
