Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2010/12/02 4:22 p.m.28 views

CVE-2010-4368

awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname...

7.5CVSS6.2AI score0.0252EPSS
Exploits1References3
Cvelist
Cvelist
added 2010/12/02 4:0 p.m.24 views

CVE-2010-4368

awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname...

7.3AI score0.0252EPSS
Exploits1References3
CVE
CVE
added 2010/12/02 4:0 p.m.57 views

CVE-2010-4368

AWStats vulnerability CVE-2010-4368 affects awstats.cgi prior to version 7.0 on Windows. The issue arises from accepting a configdir parameter in the URL, allowing a remote attacker to trigger arbitrary commands by pointing to a crafted configuration file on an SMB/UNC share. The base CVSSv2 scor...

7.5CVSS7.6AI score0.0252EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2010/12/01 12:0 a.m.23 views

Awstats Configuration File Remote Arbitrary Command Execution Vulnerability

Awstats is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user- supplied input. An attacker can exploit this vulnerability to execute arbitrary shell commands in the context of the webserver process. This may help...

7.5CVSS0.5AI score0.27673EPSS
Exploits2References4
CERT
CERT
added 2010/11/30 12:0 a.m.32 views

AWStats fails to properly handle "\\" when specifying a configuration file directory

Overview AWStats fails to properly handle "\" when specifying a configuration file directory. This could allow an attacker to specify an arbitrary configuration file located on an SMB share. Description From the AWStats project website: "AWStats is a free powerful and featureful tool that...

7.5CVSS6.5AI score0.27673EPSS
Exploits2References6
Rows per page
Query Builder