| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-4547 | 4.3 |
Unspecified vulnerability in awredir.pl in AWStats before 7.1 has unknown impact and attack vectors. Per http://awstats.cvs.sourceforge.net/viewvc/awstats/awstats/wwwroot/cgi-bin/awredir.pl?r1=1.13&r2=1.14 this vulnerability has been scored as XSS.
|
29-08-2017 - 01:32 | 31-10-2012 - 10:50 | |
| CVE-2008-3714 | 4.3 |
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681 and CVE-2006-1945.
|
08-08-2017 - 01:32 | 19-08-2008 - 19:41 | |
| CVE-2010-4369 | 6.4 |
Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.
|
23-02-2011 - 06:47 | 02-12-2010 - 16:22 | |
| CVE-2010-4367 | 7.5 |
awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.
|
23-02-2011 - 06:47 | 02-12-2010 - 16:22 | |
| CVE-2009-5020 | 5.8 |
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
02-12-2010 - 16:22 | 02-12-2010 - 16:22 | |
| CVE-2005-0116 | 7.5 |
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
|
05-09-2008 - 20:45 | 18-01-2005 - 05:00 |