Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
awstats awstats vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0363
awstats.pl in AWStats 4.0 and 6.2 allows remote malicious users to execute arbitrary commands via shell metacharacters in the config parameter.
Awstats Awstats 6.2
Awstats Awstats 4.0
NA
CVE-2005-0436
Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to execute portions of Perl code via the PluginMode parameter.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
NA
CVE-2005-0437
Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter.
Awstats Awstats 6.3
Awstats Awstats 6.4
NA
CVE-2005-0435
awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
NA
CVE-2012-4547
Unspecified vulnerability in awredir.pl in AWStats prior to 7.1 has unknown impact and attack vectors.
Laurent Destailleur Awstats 6.6
Laurent Destailleur Awstats 6.9
Laurent Destailleur Awstats 6.3
Laurent Destailleur Awstats 5.4
Laurent Destailleur Awstats 5.5
Laurent Destailleur Awstats 2.1
Laurent Destailleur Awstats 3.1
Laurent Destailleur Awstats 6.0
Laurent Destailleur Awstats 5.2
Laurent Destailleur Awstats 6.95
Laurent Destailleur Awstats 3.0
Laurent Destailleur Awstats 5.7
Laurent Destailleur Awstats 4.1
Laurent Destailleur Awstats 3.2
Laurent Destailleur Awstats 6.2
Laurent Destailleur Awstats 5.1
Laurent Destailleur Awstats 6.5
Laurent Destailleur Awstats 5.6
Laurent Destailleur Awstats 2.24
Laurent Destailleur Awstats 4.0
Laurent Destailleur Awstats 6.1
Laurent Destailleur Awstats 6.8
5.3
CVSSv3
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats up to and including 7.6 allows remote malicious users to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and...
Awstats Awstats
NA
CVE-2006-3681
Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) refererpagesfilter, (2) refererpagesfilterex, (3) urlfilterex, (4) urlfilter, (5) hos...
Awstats Awstats
NA
CVE-2006-3682
awstats.pl in AWStats 6.5 build 1.857 and previous versions allows remote malicious users to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.
Awstats Awstats
1 EDB exploit
NA
CVE-2005-0116
AWStats 6.1, and other versions prior to 6.3, allows remote malicious users to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
Awstats Awstats
4 EDB exploits
NA
CVE-2005-2732
AWStats 6.4, and possibly earlier versions, allows remote malicious users to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
Awstats Awstats
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »