Path Traversal Flaw in Awstats Version 7.6 and Earlier Allows Unauthenticated Remote Code Execution
CVE-2017-1000501 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
Learn more about our Web Application Penetration Testing UK.