Openwebanalytics : Security Vulnerabilities, CVEs, Published In 2010
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
5.1
EPSS Score
2.80%
Published
2010-07-08
Updated
2017-08-17
Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters.
Max CVSS
5.0
EPSS Score
0.54%
Published
2010-07-08
Updated
2017-08-17
2 vulnerabilities found