Awstats
by AWStats
Source repositories
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2732 | 0.00 | — | 0.02 | Aug 30, 2005 | AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message. | |||
| CVE-2005-1527 | 0.00 | — | 0.03 | Aug 15, 2005 | Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. | |||
| CVE-2005-0363 | 0.00 | — | 0.02 | May 2, 2005 | awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | |||
| CVE-2005-0437 | 0.00 | — | 0.02 | May 2, 2005 | Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter. | |||
| CVE-2005-0362 | 0.00 | — | 0.02 | Feb 9, 2005 | awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters. |
- CVE-2005-2732Aug 30, 2005risk 0.00cvss —epss 0.02
AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
- CVE-2005-1527Aug 15, 2005risk 0.00cvss —epss 0.03
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.
- CVE-2005-0363May 2, 2005risk 0.00cvss —epss 0.02
awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
- CVE-2005-0437May 2, 2005risk 0.00cvss —epss 0.02
Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter.
- CVE-2005-0362Feb 9, 2005risk 0.00cvss —epss 0.02
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
Page 2 of 2