Описание
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | not-affected | |
| hardy | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | released | 7.0 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir param ...
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.
EPSS
7.5 High
CVSS2