Description
AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages.
It's recommended to restrict access to this directory as it may contain sensitive information (test scripts, administrative interfaces, session tokens sent via GET, ...). This kind of information may help an attacker to learn more about the structure of your website and can be used to conduct further attacks.
Remediation
Restrict (or password protect) the access to directory or make it accessible only on the local interface.
References
Related Vulnerabilities
Multiple vulnerabilities fixed in PHP versions 5.5.12 and 5.4.28
Atlassian Jira insecure REST permissions
WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1)
Passive Mixed Content over HTTPS
WordPress Plugin PICA Photo Gallery 'imgname' Parameter Information Disclosure (1.0)