Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References

• https://nvd.nist.gov/vuln/detail/CVE-2009-5020
• http://awstats.sourceforge.net/docs/awstats_changelog.txt