Ezboo webstats, possibly 3.0.3, allows remote malicious users to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
source: wwwsecurityfocuscom/bid/22590/info
Ezboo webstats is prone to a vulnerability that will let attackers gain administrative access to the application because it fails to properly validate access
wwwexamplecom/ezwebstats/updatephp
wwwexamplecom/ezwebstats/configphp
...