CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

659 matches found

OSV•added 2026/03/20 9:17 p.m.•3 views

UBUNTU-CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

7.8CVSS5.8AI score0.01046EPSS

Exploits1References4

Cvelist•added 2026/03/20 12:0 a.m.•19 views

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

0.01046EPSS

Exploits1References2

ATTACKERKB•added 2026/03/20 12:0 a.m.•1 views

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

5.8AI score0.01046EPSS

Exploits1References3

Vulnrichment•added 2026/03/20 12:0 a.m.•3 views

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

5.8AI score0.01046EPSS

Exploits1References2

CNNVD•added 2026/03/20 12:0 a.m.•6 views

AWStats 安全漏洞

AWStats is a log analysis tool developed by eldy, a personal developer. This software supports the analysis of web site logs on all operating systems such as IIS 5.0 and Apache. It can analyze logs from web, WAP, proxy, streaming servers, FTP, and mail servers. AWStats 8.0 has a security...

7.8CVSS5.7AI score0.01046EPSS

Exploits1References3

CVE•added 2026/03/20 12:0 a.m.•13 views

CVE-2025-63261

AWStats 8.0 is affected by CVE-2025-63261: a Command Injection vulnerability in the open function. Root cause and impact as per provided sources indicate potential impact to confidentiality, integrity, and availability (CVSS v3.1: 7.8, HIGH) when exploited locally. Public advisories and vendor re...

7.8CVSS5.8AI score0.01046EPSS

Exploits1References3Affected Software1

Debian CVE•added 2026/03/20 12:0 a.m.•2 views

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

7.8CVSS5.8AI score0.01046EPSS

Exploits1

AlpineLinux•added 2026/03/20 12:0 a.m.•1 views

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

7.8CVSS5.9AI score0.01046EPSS

Exploits1References3

Nuclei•added 2026/02/04 7:0 a.m.•11 views

AWStats <= 7.5 - Full Path Disclosure

AWStats 7.6 contains a full path disclosure caused by improper handling of framename and update parameters in awstats.pl, letting remote attackers determine server file paths, exploit requires sending crafted parameters. id: CVE-2018-10245 info: name: AWStats = 7.5 - Full Path Disclosure author:...

5.3CVSS6.9AI score0.01917EPSS

Exploits1References2

Positive Technologies•added 2026/01/30 12:0 a.m.•6 views

PT-2026-5405

Name of the Vulnerable Software and Affected Versions AWStats version 8.0 Description AWStats version 8.0 contains a command injection issue due to an unsafe use of the open function in Perl when processing HTTP GET parameters. Specifically, the presence of a pipe symbol '|' within a parameter ca...

7.8CVSS6.4AI score0.01046EPSS

Exploits1References12