CVE-2006-3681 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) refererpagesfilter (2) refererpagesfilterex (3) urlfilterex (4) urlfilter (5) hostfilter or (6) hostfilterex parameters a different set of vectors than CVE-2006-1945.
Reference
http://pridels0.blogspot.com/2006/04/awstats-65x-multiple-vuln.html http://secunia.com/advisories/19725 http://secunia.com/advisories/22306 http://www.ubuntu.com/usn/usn-360-1 http://www.vupen.com/english/advisories/2006/1421 https://exchange.xforce.ibmcloud.com/vulnerabilities/25879 Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) refererpagesfilter (2) refererpagesfilterex (3) urlfilterex (4) urlfilter (5) hostfilter or (6) hostfilterex parameters a different set of vectors than CVE-2006-1945.
Share on: