Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0437

Description

Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter.

Affected products

AWStats/Awstats2 versions
cpe:2.3:a:awstats:awstats:6.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:awstats:awstats:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:awstats:awstats:6.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/14299nvdExploitPatchVendor Advisory
www.securityfocus.com/archive/1/390368nvdExploitVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000