AWStats icon indicating copy to clipboard operation
AWStats copied to clipboard
verified publisher icon eldy

Vulnerability in AWStats (Details via private mail)

Open untested711 opened this issue 4 months ago • 5 comments

Hi @eldy,

Sent you a mail (to [email protected]) on Aug 4, 2025 regarding a vulnerability in AWStats.

Please confirm you have received it via mail.

Thanks

untested711 avatar Aug 29 '25 17:08 untested711

I have received email with reminder but no description on vulnerability, but i may have missed it.

eldy avatar Aug 30 '25 09:08 eldy

Resent the initial mail.

Please check the Spam folder or if the mail was blocked.

The first and third mail may not have reached because we are trying to send the PoC as an attachment.

Please let us know asap if you received it or, if not, in order for us to resend the whole PoC as plaintext.

Thanks

untested711 avatar Sep 01 '25 19:09 untested711

please watch for other emails in spam as well.

Thank you.

dualfade avatar Sep 05 '25 18:09 dualfade

@untested711 Can you send me more details please?

ShaiMagal avatar Sep 06 '25 16:09 ShaiMagal

I also sent over a vuln last week around same time. So please watch for that in spam. It may be something else entirely. If so; I would like to open a valid request for it. As there are very minimal details here.

POC was included.

Thanks.

dualfade avatar Sep 06 '25 16:09 dualfade