Eval injection vulnerability in awstats.pl in AWStats 6.4 and previous versions, when a URLPlugin is enabled, allows remote malicious users to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
awstats awstats |
||
canonical ubuntu linux 5.04 |
||
debian debian linux 3.1 |
||
debian debian linux 3.0 |