CVE-2010-4369Path Traversal in Awstats

CWE-22Path Traversal6 documents6 sources
Severity
6.4MEDIUMNVD
EPSS
0.2%
top 60.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
AwstatsDebian Awstats
Timeline
PublishedDec 2
Latest updateMay 17

Description

Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages3 packages

debiandebian/awstats< awstats 6.9.5~dfsg-5 (bookworm)
Debianawstats/awstats< 6.9.5~dfsg-5+3
NVDawstats/awstats6.95+32

🔴Vulnerability Details

2
GHSA
GHSA-v355-j978-c759: Directory traversal vulnerability in AWStats before 72022-05-17
OSV
CVE-2010-4369: Directory traversal vulnerability in AWStats before 72010-12-02

📋Vendor Advisories

2
Ubuntu
AWStats vulnerability2011-01-24
Debian
CVE-2010-4369: awstats - Directory traversal vulnerability in AWStats before 7.0 allows remote attackers ...2010

💬Community

1
Bugzilla
CVE-2010-4369 Awstats: Directory traversal via crafted LoadPlugin directory2010-12-02
CVE-2010-4369 — Path Traversal in Debian Awstats | cvebase