Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-b9db-6sn9-9ygs
Summaryawstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.
Aliases
0
alias CVE-2010-4367
Fixed_packages
0
url pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
purl pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.9.5~dfsg-5%3Fdistro=trixie
1
url pkg:deb/debian/awstats@6.9.5~dfsg-5
purl pkg:deb/debian/awstats@6.9.5~dfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8mgb-4zgv-mqha
1
vulnerability VCID-beax-pm9a-ubaa
2
vulnerability VCID-cbgp-aq7w-yfbz
3
vulnerability VCID-fbbx-wedf-gbaq
4
vulnerability VCID-wnjw-nn5s-nfhd
5
vulnerability VCID-wqra-ucws-zkes
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.9.5~dfsg-5
2
url pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-3%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.9-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/awstats@8.0-5?distro=trixie
purl pkg:deb/debian/awstats@8.0-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@8.0-5%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/awstats@4.0-0.woody.2
purl pkg:deb/debian/awstats@4.0-0.woody.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t42-gcfg-cyf2
1
vulnerability VCID-6fkb-n546-4ya7
2
vulnerability VCID-76bv-nfk9-5yan
3
vulnerability VCID-8mgb-4zgv-mqha
4
vulnerability VCID-awuz-z2kw-x7fq
5
vulnerability VCID-b9db-6sn9-9ygs
6
vulnerability VCID-beax-pm9a-ubaa
7
vulnerability VCID-cbgp-aq7w-yfbz
8
vulnerability VCID-dtmc-wbup-aufc
9
vulnerability VCID-fbbx-wedf-gbaq
10
vulnerability VCID-jbqk-vmys-vucx
11
vulnerability VCID-js99-15da-kbg8
12
vulnerability VCID-ntp3-gfsy-ckhn
13
vulnerability VCID-nz31-frjj-p3dg
14
vulnerability VCID-q2r3-upu2-r7g5
15
vulnerability VCID-tg9n-ux4e-fkbj
16
vulnerability VCID-ujy3-xt1g-t3d6
17
vulnerability VCID-wnjw-nn5s-nfhd
18
vulnerability VCID-wqra-ucws-zkes
19
vulnerability VCID-wuv6-at4s-2fcg
20
vulnerability VCID-x473-e3nc-73ac
21
vulnerability VCID-x6ms-4een-y7f4
22
vulnerability VCID-xa6x-8hw9-dfh7
23
vulnerability VCID-xz75-rymq-5fac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@4.0-0.woody.2
1
url pkg:deb/debian/awstats@6.4-1sarge3
purl pkg:deb/debian/awstats@6.4-1sarge3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6fkb-n546-4ya7
1
vulnerability VCID-76bv-nfk9-5yan
2
vulnerability VCID-8mgb-4zgv-mqha
3
vulnerability VCID-awuz-z2kw-x7fq
4
vulnerability VCID-b9db-6sn9-9ygs
5
vulnerability VCID-beax-pm9a-ubaa
6
vulnerability VCID-cbgp-aq7w-yfbz
7
vulnerability VCID-dtmc-wbup-aufc
8
vulnerability VCID-fbbx-wedf-gbaq
9
vulnerability VCID-jbqk-vmys-vucx
10
vulnerability VCID-nz31-frjj-p3dg
11
vulnerability VCID-tg9n-ux4e-fkbj
12
vulnerability VCID-wnjw-nn5s-nfhd
13
vulnerability VCID-wqra-ucws-zkes
14
vulnerability VCID-x473-e3nc-73ac
15
vulnerability VCID-xa6x-8hw9-dfh7
16
vulnerability VCID-xz75-rymq-5fac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.4-1sarge3
2
url pkg:deb/debian/awstats@6.5%2Bdfsg-1
purl pkg:deb/debian/awstats@6.5%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6fkb-n546-4ya7
1
vulnerability VCID-76bv-nfk9-5yan
2
vulnerability VCID-8mgb-4zgv-mqha
3
vulnerability VCID-b9db-6sn9-9ygs
4
vulnerability VCID-beax-pm9a-ubaa
5
vulnerability VCID-cbgp-aq7w-yfbz
6
vulnerability VCID-fbbx-wedf-gbaq
7
vulnerability VCID-wnjw-nn5s-nfhd
8
vulnerability VCID-wqra-ucws-zkes
9
vulnerability VCID-x473-e3nc-73ac
10
vulnerability VCID-xz75-rymq-5fac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.5%252Bdfsg-1
3
url pkg:deb/debian/awstats@6.5%2Bdfsg-1%2Betch1
purl pkg:deb/debian/awstats@6.5%2Bdfsg-1%2Betch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6fkb-n546-4ya7
1
vulnerability VCID-76bv-nfk9-5yan
2
vulnerability VCID-8mgb-4zgv-mqha
3
vulnerability VCID-b9db-6sn9-9ygs
4
vulnerability VCID-beax-pm9a-ubaa
5
vulnerability VCID-cbgp-aq7w-yfbz
6
vulnerability VCID-fbbx-wedf-gbaq
7
vulnerability VCID-wnjw-nn5s-nfhd
8
vulnerability VCID-wqra-ucws-zkes
9
vulnerability VCID-x473-e3nc-73ac
10
vulnerability VCID-xz75-rymq-5fac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.5%252Bdfsg-1%252Betch1
4
url pkg:deb/debian/awstats@6.7.dfsg-5.1%2Blenny1
purl pkg:deb/debian/awstats@6.7.dfsg-5.1%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6fkb-n546-4ya7
1
vulnerability VCID-8mgb-4zgv-mqha
2
vulnerability VCID-b9db-6sn9-9ygs
3
vulnerability VCID-beax-pm9a-ubaa
4
vulnerability VCID-cbgp-aq7w-yfbz
5
vulnerability VCID-fbbx-wedf-gbaq
6
vulnerability VCID-wnjw-nn5s-nfhd
7
vulnerability VCID-wqra-ucws-zkes
8
vulnerability VCID-xz75-rymq-5fac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.7.dfsg-5.1%252Blenny1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4367
reference_id
reference_type
scores
0
value 0.07265
scoring_system epss
scoring_elements 0.91825
published_at 2026-06-11T12:55:00Z
1
value 0.07265
scoring_system epss
scoring_elements 0.91852
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4367
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
reference_id 606263
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/35035.txt
reference_id CVE-2010-4367;OSVDB-69606
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/35035.txt
4
reference_url https://www.securityfocus.com/bid/45123/info
reference_id CVE-2010-4367;OSVDB-69606
reference_type exploit
scores
url https://www.securityfocus.com/bid/45123/info
Weaknesses
Exploits
0
date_added 2010-11-30
description AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2010-11-30
exploit_type webapps
platform cgi
source_date_updated 2014-10-22
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/45123/info
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.1
Risk_score0.2
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-b9db-6sn9-9ygs