CVE-2009-5020

NUCLEI

Awstats < 6.9 - Improper Input Validation

Title source: rule

Description

Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Nuclei Templates (1)

AWStats < 6.95 - Open Redirect

MEDIUMby pdteam

Shodan: cpe:"cpe:2.3:a:laurent_destailleur:awstats"

References (1)

[Product] http://awstats.sourceforge.net/docs/awstats_changelog.txt

Scores

EPSS 0.0140

EPSS Percentile 80.5%

Details

CWE

CWE-20

Status published

Products (29)

awstats/awstats 1.0

awstats/awstats 2.1.

awstats/awstats 2.2.3

awstats/awstats 2.2.4

awstats/awstats 3.0

awstats/awstats 3.1

awstats/awstats 3.2

awstats/awstats 4.0

awstats/awstats 4.1

awstats/awstats 5.0

... and 19 more

Published Dec 02, 2010

Tracked Since Feb 18, 2026