PT-2005-2520 · Awstats · Awstats

Published 2005-08-15 · Updated 2024-02-14 · CVE-2005-1527

CVSS v2.0 5.0 Medium

Vector AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

AWStats versions 6.4 and earlier

Description

The issue allows remote attackers to execute arbitrary Perl code via the HTTP Referrer when a URLPlugin is enabled. This is achieved by inserting the $url parameter into an eval function call, enabling the execution of malicious code.

Recommendations

For AWStats versions 6.4 and earlier, consider disabling the URLPlugin to prevent exploitation until a patch is available. Restrict access to the eval function call to minimize the risk of arbitrary code execution.

Fix

RCE

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2005-1527
DSA-892-1

Affected Products

Awstats