Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Eldy Awstats 路径遍历漏洞
Vulnerability Description
Eldy Awstats是Eldy个人开发者的一个应用于Web站点的日志分析工具。该软件支持分析IIS 5.0 +,Apache等所有操作系统上Web,WAP,代理,流服务器、FTP、邮件服务器日志文件,显示所有Web统计信息,包括:访问者,页面,匹配、搜索引擎等关键信息 AWStats 7.8及之前版本存在安全漏洞,该漏洞源于cgi-bin/awstats.pl?config=即使它只读取/etc/aws.conf格式的文件。
CVSS Information
N/A
Vulnerability Type
N/A