The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
CVE Link
Exploit Type - Old
Exploits/Remote
Product Name