CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

SUSE CVE•added 2023/02/15 6:15 a.m.•1 views

SUSE CVE-2006-2644

AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive...

4CVSS8AI score0.01038EPSS

Exploits0References4

Prion•added 2006/05/30 10:2 a.m.•30 views

Default configuration

4CVSS7.6AI score0.01038EPSS

Exploits0References11Affected Software1

NVD•added 2006/05/30 10:2 a.m.•14 views

CVE-2006-2644

4CVSS7.3AI score0.01038EPSS

Exploits0References11

OSV•added 2006/05/30 10:2 a.m.•2 views

DEBIAN-CVE-2006-2644

4CVSS8AI score0.01038EPSS

Exploits0References1

Debian CVE•added 2006/05/30 10:0 a.m.•22 views

CVE-2006-2644

4CVSS7.3AI score0.01038EPSS

Exploits0

Tenable Nessus•added 2006/05/13 12:0 a.m.•14 views

FreeBSD : awstats -- arbitrary command execution vulnerability (2df297a2-dc74-11da-a22b-000c6ec775d9)

OS Reviews reports : If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character '|' leads to an insecure call to Perl's open function an...

6.2AI score

Exploits0References3

FreeBSD•added 2006/05/03 12:0 a.m.•14 views

awstats -- arbitrary command execution vulnerability

OS Reviews reports: If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character "|" leads to an insecure call to Perl's open function and...

2.7AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by