Download
| Alert*
|
oval:org.secpod.oval:def:700212
It was discovered that AWStats did not correctly filter the LoadPlugin configuration option. A local attacker on a shared system could use this to inject arbitrary code into AWStats. oval:org.secpod.oval:def:1083 The host is installed with AWStats and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to validate input. Successful exploitation could allow remote attackers to to have an unspecified impact via a crafted LoadPlugin directory. |
