659 matches found
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID 0f5a2b4d-694b-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID 2df297a2-dc74-11da-a22b-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID e86fbb5f-0d04-11da-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID fdad8a87-7f94-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
awstats-exec.txt
\n"; arrayshift$argv; $host = $argv0; Start the interactive shell while1 fwriteSTDOUT, "shell: "...
AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution
The remote web server is running a version of awstatstotals.php which does not properly sanitize its 'sort' argument. An attacker can run arbitrary commands on the remote host within the context of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
EMORY-2008-01.txt
Emory University UTS Security Advisory EMORY-2008-01 Topic: Multiple Vulnerabilities in AWStats Totals Original release date: August 26, 2008 SUMMARY ======= Telartis's AWStats Totals program is vulnerable to command execution and cross site scripting attacks. A remote attacker could exploit thes...
AWStats Totals 'sort'参数远程命令执行漏洞
BUGTRAQ ID:30856 CNCAN ID:CNCAN-2008082701 Telartis's AWStats Totals是一款基于PHP的脚本程序。 Telartis's AWStats Totals不正确处理URL参数,远程攻击者可以利用漏洞以应用程序权限执行任意代码。 问题是脚本对提交给'sort'参数的数据缺少过滤,提交特殊的字符可插入PHP表达式,以WEB权限执行。 Telartis AWStats Totals 1.14 升级到AWStats Totals 1.15: http://www.telartis.nl/xcms/awstats/...
Multiple Vulnerabilities in AWStats Totals
Emory University UTS Security Advisory EMORY-2008-01 Topic: Multiple Vulnerabilities in AWStats Totals Original release date: August 26, 2008 SUMMARY ======= Telartis's AWStats Totals program is vulnerable to command execution and cross site scripting attacks. A remote attacker could exploit thes...
DEBIAN-CVE-2008-3714
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
CVE-2008-3714
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
CVE-2008-3714
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
Cross site scripting
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
CVE-2008-3714
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
CVE-2008-3714
Cross-site scripting XSS vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the querystring, a different vulnerability than CVE-2006-3681 and CVE-2006-1945...
CVE-2008-3714
CVE-2008-3714 affects AWStats, specifically the CGI script awstats.pl in version 6.8, where user-controlled input in the query_string is not properly sanitized, enabling a cross-site scripting (XSS) vulnerability. The initial description explicitly states an XSS issue via the query_string, distin...