Lucene search
HistoryApr 20, 2006 - 10:02 p.m.
CVE-2006-1945
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.0%
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732.
Affected configurations
Node
awstatsawstatsRange≤6.5_1.857
ORawstatsawstatsMatch6.0
ORawstatsawstatsMatch6.1
ORawstatsawstatsMatch6.2
ORawstatsawstatsMatch6.3
ORawstatsawstatsMatch6.4
ORawstatsawstatsMatch6.5
Related
cvelist
cvelist
ubuntucve
ubuntucve
prion
prion
Cross site scripting
2006-04-20 22:02:00
Cross site scripting
2008-08-19 19:41:00
cve
cve
debiancve
debiancve
nvd
nvd
gentoo
gentoo
AWStats: Remote execution of arbitrary code
2006-06-07 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1075-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200606-06 (awstats)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200606-06 (awstats)
2008-09-24 00:00:00
nessus
nessus
GLSA-200606-06 : AWStats: Remote execution of arbitrary code
2006-06-08 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.0%
Related for NVD:CVE-2006-1945