Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
awstats awstats vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-0436
Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to execute portions of Perl code via the PluginMode parameter.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
505
VMScore
CVE-2005-0435
awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
668
VMScore
CVE-2005-0437
Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter.
Awstats Awstats 6.4
Awstats Awstats 6.3
505
VMScore
CVE-2005-0438
awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to obtain sensitive information by setting the debug parameter.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
383
VMScore
CVE-2012-4547
Unspecified vulnerability in awredir.pl in AWStats prior to 7.1 has unknown impact and attack vectors.
Laurent Destailleur Awstats
Laurent Destailleur Awstats 6.4
Laurent Destailleur Awstats 6.3
Laurent Destailleur Awstats 5.6
Laurent Destailleur Awstats 5.5
Laurent Destailleur Awstats 3.2
Laurent Destailleur Awstats 3.1
Laurent Destailleur Awstats 6.8
Laurent Destailleur Awstats 6.7
Laurent Destailleur Awstats 6.0
Laurent Destailleur Awstats 5.9
Laurent Destailleur Awstats 5.2
Laurent Destailleur Awstats 5.1
Laurent Destailleur Awstats 5.0
Laurent Destailleur Awstats 2.23
Laurent Destailleur Awstats 2.1
Laurent Destailleur Awstats 6.95
Laurent Destailleur Awstats 6.9
Laurent Destailleur Awstats 6.2
Laurent Destailleur Awstats 6.1
Laurent Destailleur Awstats 5.4
Laurent Destailleur Awstats 5.3
231
VMScore
CVE-2006-3681
Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) refererpagesfilter, (2) refererpagesfilterex, (3) urlfilterex, (4) urlfilter, (5) hos...
Awstats Awstats
505
VMScore
CVE-2006-3682
awstats.pl in AWStats 6.5 build 1.857 and previous versions allows remote malicious users to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.
Awstats Awstats
1 EDB exploit
445
VMScore
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats up to and including 7.6 allows remote malicious users to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and...
Awstats Awstats
770
VMScore
CVE-2005-0116
AWStats 6.1, and other versions prior to 6.3, allows remote malicious users to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
Awstats Awstats
4 EDB exploits
445
VMScore
CVE-2005-2732
AWStats 6.4, and possibly earlier versions, allows remote malicious users to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
Awstats Awstats
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »