Lucene search
K

12 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

AWStats 6.2-6.1 - configdir Command Injection

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

6.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

AWStats (6.1-6.2) configdir Remote Command Execution

No description provided by source. $Id: awstatsconfigdirexec.rb 7970 2009-12-26 03:31:20Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

6.6AI score
Exploits0
Circl
Circl
added 2009/12/26 12:0 a.m.6 views

CVE-2005-0116

creationtimestamp| type| source ---|---|--- 2009-12-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16905 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/awstatsconfigdirexec.rb 2025-02-06 03:13:38+00:00|...

7.5CVSS5.7AI score0.74941EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.35 views

FreeBSD Ports: awstats

The remote host is missing an update to the system as announced in the referenced advisory. VID 0f5a2b4d-694b-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.2AI score0.74941EPSS
Exploits11
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.19 views

FreeBSD Ports: awstats

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.6AI score0.74941EPSS
Exploits11References5
Metasploit
Metasploit
added 2007/01/05 4:28 a.m.83 views

AWStats configdir Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...

7.5CVSS0.6AI score0.74941EPSS
Exploits11
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.16 views

AWStats < 6.3 'configdir' Parameter Arbitrary Command Execution Vulnerability - Active Check

AWStats is prone to a command execution vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:awstats:awstats";...

7.5CVSS6.8AI score0.74941EPSS
Exploits11References2
CVE
CVE
added 2005/01/19 5:0 a.m.65 views

CVE-2005-0116

CVE-2005-0116 affects AWStats: remote command execution through the configdir parameter in the AWStats CGI (awstats.pl) affecting 6.1 and earlier versions up to 6.2/6.2.x, with public reports of exploitation. The root cause is unsanitized input passed to a shell/open call, allowing arbitrary comm...

7.5CVSS7.2AI score0.74941EPSS
Exploits11References7Affected Software1
Cvelist
Cvelist
added 2005/01/19 5:0 a.m.27 views

CVE-2005-0116

AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl...

7.3AI score0.74941EPSS
Exploits11References7
NVD
NVD
added 2005/01/18 5:0 a.m.17 views

CVE-2005-0116

AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl...

7.5CVSS7.4AI score0.74941EPSS
Exploits11References7
Tenable Nessus
Tenable Nessus
added 2005/01/18 12:0 a.m.1347 views

AWStats awstats.pl configdir Parameter Arbitrary Command Execution

The remote host is running AWStats, a free logfile analysis tool for analyzing ftp, mail, web, ... traffic. The remote version of this software fails to sanitize user-supplied input to the 'configdir' parameter of the 'awstats.pl' script. An attacker may exploit this condition to execute commands...

7.5CVSS5.6AI score0.74941EPSS
Exploits11References3
Exploit DB
Exploit DB
added 2005/01/15 12:0 a.m.55 views

AWStats 6.2 &lt; 6.1 - configdir Command Injection (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

7.5CVSS6.6AI score0.74941EPSS
Exploits11
Rows per page
Query Builder