awstatstotals.php in AWStats Totals 1.0 up to and including 1.14 allows remote malicious users to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
telartis bv awstats totals 1.1 |
||
telartis bv awstats totals 1.11 |
||
telartis bv awstats totals 1.13 |
||
telartis bv awstats totals 1.14 |
||
telartis bv awstats totals 1.0 |