CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

659 matches found

OpenVAS•added 2020/12/18 12:0 a.m.•18 views

AWStats <= 7.8 File Read Vulnerability - Active Check

AWStats is prone to a file read vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:awstats:awstats"; ifdescription...

5.3CVSS7.4AI score0.00937EPSS

Exploits0References2

Veracode•added 2020/12/13 4:24 a.m.•30 views

Remote Code Execution

awstats is vulnerable to remote code execution. The vulnerability exists as cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format...

9.8CVSS2.3AI score0.01743EPSS

Exploits1References6Affected Software1

OSV•added 2020/12/12 12:15 a.m.•1 views

ALPINE-CVE-2020-35176

In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname omitting the initial /etc, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600...

5.3CVSS6.6AI score0.00937EPSS

Exploits0References1

OSV•added 2020/12/12 12:15 a.m.•15 views

CVE-2020-35176

5.3CVSS6.4AI score

Exploits0References4

NVD•added 2020/12/12 12:15 a.m.•15 views

CVE-2020-35176

5.3CVSS7AI score0.00937EPSS

Exploits0References4

OSV•added 2020/12/12 12:15 a.m.•1 views

DEBIAN-CVE-2020-35176

5.3CVSS7.1AI score0.00937EPSS

Exploits0References1

UbuntuCve•added 2020/12/12 12:15 a.m.•33 views

CVE-2020-35176

5.3CVSS6.8AI score0.00937EPSS

Exploits0References2

Prion•added 2020/12/12 12:15 a.m.•30 views

Format string

5CVSS6.9AI score0.06548EPSS

Exploits1References4Affected Software3

OSV•added 2020/12/12 12:15 a.m.•0 views

UBUNTU-CVE-2020-35176

5.3CVSS6.8AI score0.00937EPSS

Exploits0References3

Cvelist•added 2020/12/11 11:16 p.m.•14 views

CVE-2020-35176

7.1AI score0.00937EPSS

Exploits0References4

CVE•added 2020/12/11 11:16 p.m.•144 views

CVE-2020-35176

AWStats vulnerability CVE-2020-35176 affects AWStats up to version 7.8, where cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting /etc), enabling directory traversal and potential filesystem access. Root cause cited as an incomplete fix for CVE-2017-1000501 and CVE-2020-29600...

5.3CVSS6.8AI score0.00937EPSS

Exploits0References4Affected Software1

AlpineLinux•added 2020/12/11 11:16 p.m.•25 views

CVE-2020-35176

5.3CVSS7.3AI score0.00937EPSS

Exploits0

Debian CVE•added 2020/12/11 11:16 p.m.•26 views

CVE-2020-35176

5.3CVSS7.1AI score0.00937EPSS

Exploits0

CNNVD•added 2020/12/11 12:0 a.m.•3 views

Eldy Awstats Path Traversal Vulnerability

Eldy Awstats is Eldy personal developer of a log analysis tool applied to Web sites. The software supports analyzing Web, WAP, proxy, streaming server, FTP, mail server log files on all operating systems such as IIS 5.0 +, Apache, etc. It displays all Web statistics, including: visitors, pages,...

5.3CVSS6.8AI score0.00937EPSS

Exploits0References9

OSV•added 2020/12/07 8:15 p.m.•1 views

DEBIAN-CVE-2020-29600

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...

9.8CVSS7.1AI score0.01743EPSS

Exploits1References1

NVD•added 2020/12/07 8:15 p.m.•16 views

CVE-2020-29600

9.8CVSS7.2AI score0.01743EPSS

Exploits1References4

OSV•added 2020/12/07 8:15 p.m.•2 views

ALPINE-CVE-2020-29600

9.8CVSS6.8AI score0.01743EPSS

Exploits1References1

OSV•added 2020/12/07 8:15 p.m.•45 views

CVE-2020-29600