Information on source package awstats

Available versions

ReleaseVersion
wheezy7.0~dfsg-7
wheezy (security)7.0~dfsg-7+deb7u1
jessie7.2+dfsg-1
jessie (security)7.2+dfsg-1+deb8u1
stretch (security)7.6+dfsg-1+deb9u1
buster7.6+dfsg-2
sid7.6+dfsg-2

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2018-10245vulnerablevulnerablevulnerablevulnerablevulnerableA Full Path Disclosure vulnerability in AWStats through 7.6 allows ...

Resolved issues

BugDescription
CVE-2017-1000501Awstats version 7.6 and earlier is vulnerable to a path traversal flaw ...
CVE-2012-4547Unspecified vulnerability in awredir.pl in AWStats before 7.1 has ...
CVE-2010-4369Directory traversal vulnerability in AWStats before 7.0 allows remote ...
CVE-2010-4368awstats.cgi in AWStats before 7.0 on Windows accepts a configdir ...
CVE-2010-4367awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...
CVE-2009-5020Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...
CVE-2008-5080awstats.pl in AWStats 6.8 and earlier does not properly remove quote ...
CVE-2008-3714Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 ...
CVE-2006-3682awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote ...
CVE-2006-3681Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in ...
CVE-2006-2644AWStats 6.5, and possibly other versions, allows remote authenticated ...
CVE-2006-2237The web interface for AWStats 6.4 and 6.5, when statistics updates are ...
CVE-2006-1945Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...
CVE-2005-1527Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...
CVE-2005-0438awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain ...
CVE-2005-0437Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 ...
CVE-2005-0436Direct code injection vulnerability in awstats.pl in AWStats 6.3 and ...
CVE-2005-0435awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read ...
CVE-2005-0363awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute ...
CVE-2005-0362awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary ...
CVE-2005-0116AWStats 6.1, and other versions before 6.3, allows remote attackers to ...

Security announcements

DSA / DLADescription
DSA-4092-1awstats - security update
DSA-4092-1awstats - security update
DLA-1238-1awstats - security update
DSA-1679-1awstats - cross-site scripting
DSA-1075-1awstats - programming error
DSA-1058-1awstats - missing input sanitising
DSA-1058-1awstats - missing input sanitising
DSA-892-1awstats - missing input sanitising
DSA-892-1awstats - missing input sanitising
DSA-682-1awstats - missing input sanitising

Search for package or bug name: Reporting problems