Unrated severityNVD Advisory· Published Sep 4, 2008· Updated Jun 16, 2026
CVE-2008-3922
CVE-2008-3922
Description
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:telartis_bv:awstats_totals:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:telartis_bv:awstats_totals:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:telartis_bv:awstats_totals:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:telartis_bv:awstats_totals:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:telartis_bv:awstats_totals:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:telartis_bv:awstats_totals:1.14:*:*:*:*:*:*:*
- Range: 1.0-1.14
Patches
Vulnerability mechanics
References
11- www.telartis.nl/xcms/awstats/nvdPatch
- secunia.com/advisories/31630nvdVendor Advisory
- securityreason.com/securityalert/4218nvd
- securityreason.com/securityalert/8259nvd
- userwww.service.emory.edu/~ekenda2/EMORY-2008-01.txtnvd
- www.exploit-db.com/exploits/17324nvd
- www.securityfocus.com/archive/1/495770/100/0/threadednvd
- www.securityfocus.com/bid/30856nvd
- www.vupen.com/english/advisories/2008/2442nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44712nvd
- www.exploit-db.com/exploits/6368nvd
News mentions
0No linked articles in our index yet.