CVE-2008-3922

awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
Configurations

Configuration 1

cpe:2.3:a:telartis_bv:awstats_totals:1.11:*:*:*:*:*:*:*
cpe:2.3:a:telartis_bv:awstats_totals:1.1:*:*:*:*:*:*:*
cpe:2.3:a:telartis_bv:awstats_totals:1.13:*:*:*:*:*:*:*
cpe:2.3:a:telartis_bv:awstats_totals:1.14:*:*:*:*:*:*:*
cpe:2.3:a:telartis_bv:awstats_totals:1.0:*:*:*:*:*:*:*

Information

Published : 2008-09-04 06:41

Updated : 2018-10-11 08:50


NVD link : CVE-2008-3922

Mitre link : CVE-2008-3922

Products Affected
No products.
CWE