Awstats

awstats

26 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (26)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-0437 1Awstats 1Awstats Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter.
CVE-2005-0436 1Awstats 1Awstats Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter.
CVE-2005-0435 1Awstats 1Awstats Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
CVE-2005-0363 1Awstats 1Awstats Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
CVE-2005-0362 1Awstats 1Awstats Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
CVE-2005-0116 1Awstats 1Awstats Apr 16, 2026 Jan 18, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.