AWStats Eval Injection Vulnerability

AWStats Eval Injection Vulnerability

CVE-2005-1527 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.

Learn more about our Aws Audit.