AWStats < 6.95 - Open Redirect

An open redirect vulnerability in awredir.pl in AWStats 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2009-5020 info: name: AWStats 6.95 - Open Redirect author: pdteam severity: medium description: An open...

AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting

AWStats is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. id: CVE-2012-4547 info: name: AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting author: dhiyaneshDk severity: medium description: AWStats is prone to multip...

MGASA-2026-0138 Updated awstats packages fix security vulnerability

AWStats is vulnerable to Command Injection via the open function. CVE-2025-63261...

Updated awstats packages fix security vulnerability

AWStats is vulnerable to Command Injection via the open function. CVE-2025-63261...

Fedora 44 : awstats (2026-649970e065)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-649970e065 advisory. Fix CVE-2025-63261 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

[SECURITY] Fedora 44 Update: awstats-8.0-4.fc44

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

[SECURITY] Fedora 42 Update: awstats-8.0-1.fc42

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

[SECURITY] Fedora 43 Update: awstats-8.0-2.fc43

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

Fedora 42 : awstats (2026-29b65f46e8)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-29b65f46e8 advisory. Fix CVE-2025-63261 rhbz 2450261 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : awstats (2026-fad30cb6e2)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-fad30cb6e2 advisory. Fix CVE-2025-63261 rhbz 2450263 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Debian: Security Advisory (DLA-4509-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4509-1] awstats security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4509-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 25, 2026 https://wiki.debian.org/LTS -...

Debian dla-4509 : awstats - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4509 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4509-1 [email protected] https://www.debian.org/lts/security/...

DLA-4509-1 awstats - security update

Bulletin has no description...

CVE-2025-63261

A flaw was found in AWStats. A remote attacker can exploit a command injection vulnerability through the open function, leading to arbitrary code execution on the affected system. This allows for a complete compromise of the system. Mitigation To mitigate this issue, restrict access to the AWStat...

Linux Distros Unpatched Vulnerability : CVE-2025-63261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AWStats 8.0 is vulnerable to Command Injection via the open function CVE-2025-63261 Note that Nessus relies on the presence of the package as reported by the...

EUVD-2025-208911

AWStats 8.0 is vulnerable to Command Injection via the open function...

DEBIAN-CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...

UBUNTU-CVE-2025-63261

AWStats 8.0 is vulnerable to Command Injection via the open function...