3 matches found
AWStats Totals awstatstotals.php sort Parameter Code Execution (CVE-2008-3922)
A code execution vulnerability has been reported in AWStats Totals. The vulnerability is due to insufficient sanitization of the "sort" parameter in the "awstatstotals.php". A remote attacker could exploit this vulnerability by dynamically creating an anonymous PHP function...
Awstatstotals 1.14 Awstatstotals.php 代码执行漏洞
No description provided by source...
AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution
The remote web server is running a version of awstatstotals.php which does not properly sanitize its 'sort' argument. An attacker can run arbitrary commands on the remote host within the context of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...