CVE-2005-0363

EPSS 0.90%

awstats - missing input sanitising

Published: 5/2/2005Modified: 4/28/2026

Description

awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.

Affected packages (2)

Debian/awstatsfrom 0, < 6.2-1.2
Debian/awstatsfrom 0, < 4.0-0.woody.2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-0363