Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
Type
deb
Namespace
debian
Name
awstats
Version
6.9.5~dfsg-5
Qualifiers
distro
trixie
Subpath
Is_vulnerable
false
Next_non_vulnerable_version
7.1~dfsg-1
Latest_non_vulnerable_version
8.0-5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url
VCID-6fkb-n546-4ya7
vulnerability_id
VCID-6fkb-n546-4ya7
summary
Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2010-4369
reference_id
reference_type
scores
0
value
0.00179
scoring_system
epss
scoring_elements
0.39241
published_at
2026-06-11T12:55:00Z
1
value
0.00179
scoring_system
epss
scoring_elements
0.39412
published_at
2026-06-12T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2010-4369
1
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4369
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4369
2
reference_url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
reference_id
606263
reference_type
scores
url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
3
reference_url
https://usn.ubuntu.com/1047-1/
reference_id
USN-1047-1
reference_type
scores
url
https://usn.ubuntu.com/1047-1/
fixed_packages
0
url
pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
purl
pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.9.5~dfsg-5%3Fdistro=trixie
1
url
pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
purl
pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1%3Fdistro=trixie
2
url
pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
purl
pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-3%252Bdeb12u2%3Fdistro=trixie
3
url
pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
purl
pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.9-1%252Bdeb13u1%3Fdistro=trixie
4
url
pkg:deb/debian/awstats@8.0-5?distro=trixie
purl
pkg:deb/debian/awstats@8.0-5?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@8.0-5%3Fdistro=trixie
aliases
CVE-2010-4369
risk_score
null
exploitability
0.5
weighted_severity
0.0
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-6fkb-n546-4ya7
1
url
VCID-b9db-6sn9-9ygs
vulnerability_id
VCID-b9db-6sn9-9ygs
summary
awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2010-4367
reference_id
reference_type
scores
0
value
0.07265
scoring_system
epss
scoring_elements
0.91825
published_at
2026-06-11T12:55:00Z
1
value
0.07265
scoring_system
epss
scoring_elements
0.91852
published_at
2026-06-12T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2010-4367
1
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367
2
reference_url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
reference_id
606263
reference_type
scores
url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606263
3
reference_url
https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/35035.txt
reference_id
CVE-2010-4367;OSVDB-69606
reference_type
exploit
scores
url
https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/35035.txt
4
reference_url
https://www.securityfocus.com/bid/45123/info
reference_id
CVE-2010-4367;OSVDB-69606
reference_type
exploit
scores
url
https://www.securityfocus.com/bid/45123/info
fixed_packages
0
url
pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
purl
pkg:deb/debian/awstats@6.9.5~dfsg-5?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.9.5~dfsg-5%3Fdistro=trixie
1
url
pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
purl
pkg:deb/debian/awstats@7.8-2%2Bdeb11u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1%3Fdistro=trixie
2
url
pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
purl
pkg:deb/debian/awstats@7.8-3%2Bdeb12u2?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-3%252Bdeb12u2%3Fdistro=trixie
3
url
pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
purl
pkg:deb/debian/awstats@7.9-1%2Bdeb13u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.9-1%252Bdeb13u1%3Fdistro=trixie
4
url
pkg:deb/debian/awstats@8.0-5?distro=trixie
purl
pkg:deb/debian/awstats@8.0-5?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@8.0-5%3Fdistro=trixie
aliases
CVE-2010-4367
risk_score
0.2
exploitability
2.0
weighted_severity
0.1
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9db-6sn9-9ygs
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@6.9.5~dfsg-5%3Fdistro=trixie
×
Create
None
×
Edit
None