CVE-2017-1000501

Published January 3rd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

eldy/AWStats

AWStats Log Analyzer project (official sources)

GitHub

430