CVE-2005-0435

AWStats 6.3-6.4 - Info Disclosure

Title source: llm

Description

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.

Exploits (1)

exploitdb WORKING POC

perldoscgi

https://www.exploit-db.com/exploits/817

View on exploitdb

References (3)

[Patch, Vendor Advisory] http://secunia.com/advisories/14299

[Exploit, Vendor Advisory] http://www.securityfocus.com/archive/1/390368

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/19333

Scores

EPSS 0.0426

EPSS Percentile 88.6%

Classification

Status draft

Affected Products (2)

awstats/awstats

awstats/awstats

Timeline

Published May 02, 2005

Tracked Since Feb 18, 2026