Remote Code Execution in AWStats 6.2 via Shell Metacharacters in Plugin Parameters

Remote Code Execution in AWStats 6.2 via Shell Metacharacters in Plugin Parameters

CVE-2005-0362 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.

Learn more about our Web Application Penetration Testing UK.