- Home
- CVEs with nessus.description==The remote host is running AWStats, a free logfile analysis tool written in Perl.
The version of AWStats installed on the remote host fails to sanitize input to the 'migrate' parameter before passing it to a Perl 'open()' function. Provided 'AllowToUpdateStatsFromBrowser' is enabled in the AWStats site configuration file, an unauthenticated attacker can exploit this issue to execute arbitrary code on the affected host, subject to the privileges of the web server user id.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top