Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2010-4369

Published: 02/12/2010 Updated: 23/02/2011
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Subscribe to Awstats

Vulnerability Summary

Directory traversal vulnerability in AWStats prior to 7.0 allows remote malicious users to have an unspecified impact via a crafted LoadPlugin directory.

Vulnerable Product Search on Vulmon Subscribe to Product

awstats awstats 2.2.4

awstats awstats 6.4

awstats awstats 2.2.3

awstats awstats 6.5_1.857

awstats awstats 5.9

awstats awstats 5.8

awstats awstats 5.1

awstats awstats 5.0

awstats awstats 3.2

awstats awstats 6.2

awstats awstats 3.0

awstats awstats 6.5

awstats awstats 6.9

awstats awstats 6.6

awstats awstats 5.5

awstats awstats 5.4

awstats awstats 6.8

awstats awstats 6.4_1

awstats awstats 4.1

awstats awstats 1.0

awstats awstats 5.7

awstats awstats 5.6

awstats awstats 4.0

awstats awstats

awstats awstats 3.1

awstats awstats 6.3

awstats awstats 2.1.

awstats awstats 6.5_1

awstats awstats 6.7

awstats awstats 6.1

awstats awstats 6.0

awstats awstats 5.3

awstats awstats 5.2

Vendor Advisories

Debian CVElist Bug Report Logs: Multiple security issues
Debian Bug report logs - #606263 Multiple security issues Package: awstats; Maintainer for awstats is Debian QA Group <packages@qadebianorg>; Source for awstats is src:awstats (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Tue, 7 Dec 2010 21:45:05 UTC Severity: grave Tags: security ...
Ubuntu Security Notice: awstats vulnerability
It was discovered that AWStats did not correctly filter the LoadPlugin configuration option A local attacker on a shared system could use this to inject arbitrary code into AWStats ...

References

CWE-22http://awstats.sourceforge.net/docs/awstats_changelog.txthttp://www.securityfocus.com/bid/45210http://www.vupen.com/english/advisories/2011/0202http://secunia.com/advisories/43004http://www.ubuntu.com/usn/USN-1047-1http://www.mandriva.com/security/advisories?name=MDVSA-2011:033https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263https://usn.ubuntu.com/1047-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook