Описание
AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
Примечания
path disclosure, so not very important on debian systems
unreproducible according to bug #327729
EPSS
Процентиль: 57%
0.00346
Низкий
Связанные уязвимости
nvd
около 20 лет назад
AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
github
больше 3 лет назад
AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.
EPSS
Процентиль: 57%
0.00346
Низкий