Unrated severityNVD Advisory· Published Jul 21, 2006· Updated Apr 16, 2026

CVE-2006-3682

Description

awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.

Affected products

AWStats/Awstats
cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:*
Range: <=6.5_1.857

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19725nvdExploitVendor Advisory
pridels0.blogspot.com/2006/04/awstats-65x-multiple-vuln.htmlnvd
secunia.com/advisories/22306nvd
www.ubuntu.com/usn/usn-360-1nvd
www.vupen.com/english/advisories/2006/1421nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25880nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000