CVE-2008-3922
CVE-2008-3922
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
cve_referencewww.exploit-db.com/exploits/17324no verificadocve_referencewww.exploit-db.com/exploits/6368no verificadoexploitdbwww.exploit-db.com/exploits/17324no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/31630http://securityreason.com/securityalert/4218http://securityreason.com/securityalert/8259https://exchange.xforce.ibmcloud.com/vulnerabilities/44712https://www.exploit-db.com/exploits/6368http://userwww.service.emory.edu/~ekenda2/EMORY-2008-01.txthttp://www.exploit-db.com/exploits/17324http://www.securityfocus.com/archive/1/495770/100/0/threadedhttp://www.securityfocus.com/bid/30856http://www.telartis.nl/xcms/awstats/http://www.vupen.com/english/advisories/2008/2442