Описание
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 7.6+dfsg-1ubuntu0.17.10.1 |
| devel | released | 7.6+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [7.2+dfsg-1ubuntu0.1]] |
| esm-infra/xenial | released | 7.4+dfsg-1ubuntu0.2 |
| precise/esm | DNE | |
| trusty | released | 7.2+dfsg-1ubuntu0.1 |
| trusty/esm | DNE | trusty was released [7.2+dfsg-1ubuntu0.1] |
| upstream | needs-triage | |
| xenial | released | 7.4+dfsg-1ubuntu0.2 |
| zesty | released | 7.6+dfsg-1ubuntu0.17.04.1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw ...
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
7.5 High
CVSS2
9.8 Critical
CVSS3