The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote malicious users to execute arbitrary code via shell metacharacters in the migrate parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
awstats awstats 6.4 |
||
awstats awstats 6.5 |