Summary #

Netsparker detected AWStats, a web-based statistics software.

This information can help an attacker gain a greater understanding of the systems in use and potentially help develop further attacks.

Impact #
An attacker can search for specific security vulnerabilities for the version of AWStats identified. More importantly, AWStats disclose too much information about hidden pages (config, administration etc.).
Remediation #
Configure your web server to prevent information leakage from the AWStats directory by implementing access control mechanisms to stop public access.
Classifications #
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, OWASP PC-C6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

OR

Search Vulnerability

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO