Gentoo Security Advisory GLSA 200501-36 (awstats)

The remote host is missing updates announced in advisory GLSA 200501-36. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200508-07 (awstats)

The remote host is missing updates announced in advisory GLSA 200508-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200606-06 (awstats)

The remote host is missing updates announced in advisory GLSA 200606-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200606-06 (awstats)

The remote host is missing updates announced in advisory GLSA 200606-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

[SECURITY] Fedora 8 Update: awstats-6.8-2.fc8

Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contai ns, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...

Fedora 9 : awstats-6.8-2.fc9 (2008-7663)

Add upstream patch for CVE-2008-3714 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit

No description provided by source. ?php / Remote Execution Exploit for AWStats Totals vulnerability Interactive Shell Version 2 Updated 05/09/08: The exploit now works with magic quotes on or off Author: Ricardo Almeida email: ricardojbaataeiouDoTpt Greetz The hacker webzine authored by Ronald va...

Fedora 8 : awstats-6.8-2.fc8 (2008-7684)

Add upstream patch for CVE-2008-3714 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution

m...

AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ===================================================================== AWStats Totals awstatstotals.php sort Remote Code Execution Exploit ===================================================================== ?php / Remote Execution Exploit...

awstats-exec2.txt

\nEx: awtotalh...

AWStats Totals 1.14 - AWStatstotals.php Remote Code Execution

AWStats Totals 1.14 - AWStatstotals.php Remote Code Execution ?php / Remote Execution Exploit for AWStats Totals vulnerability Interactive Shell Version 2 Updated 05/09/08: The exploit now works with magic quotes on or off Author: Ricardo Almeida email: ricardojbaataeiouDoTpt Greetz The hacker...

CVE-2008-3921

Multiple cross-site scripting XSS vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameter...

Code injection

awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameter...

CVE-2008-3922

awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function...

CVE-2008-3922

CVE-2008-3922 affects AWStats Totals (awstatstotals.php) versions 1.0–1.14. The vulnerability stems from unsanitized sort parameter usage in multisort(), enabling remote code execution by crafting PHP sequences to create an anonymous PHP function. Public references and tooling include Exploit-DB ...

CVE-2008-3921

Multiple cross-site scripting XSS vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameter...

CVE-2008-3922

awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function...

CVE-2008-3921

CVE-2008-3921 affects AWStats Totals 1.0–1.14. The vulnerability is a cross-site scripting (XSS) flaw exploitable via the month and year parameters, allowing remote attackers to inject arbitrary web script or HTML. The connected documents provide the affected product/version and the input vectors...