Exploitation Summary
CVE-2009-5020 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Nuclei Templates (1)
AWStats < 6.95 - Open Redirect
MEDIUMby pdteam
Shodan:
cpe:"cpe:2.3:a:laurent_destailleur:awstats"
References (1)
Core 1
Core References
Product x_refsource_confirm
http://awstats.sourceforge.net/docs/awstats_changelog.txt
Scores
EPSS
0.0140
EPSS Percentile
80.9%
Details
CWE
CWE-20
Status
published
Products (29)
awstats/awstats
1.0
awstats/awstats
2.1.
awstats/awstats
2.2.3
awstats/awstats
2.2.4
awstats/awstats
3.0
awstats/awstats
3.1
awstats/awstats
3.2
awstats/awstats
4.0
awstats/awstats
4.1
awstats/awstats
5.0
... and 19 more
Published
Dec 02, 2010
Tracked Since
Feb 18, 2026