Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Awstats
(Awstats)Repositories | https://github.com/eldy/awstats |
#Vulnerabilities | 25 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2005-08-15 | CVE-2005-1527 | Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. | Awstats, Ubuntu_linux, Debian_linux | N/A | ||
2008-12-03 | CVE-2008-5080 | awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714. | Awstats | N/A |