Fix another vulnerability reported by cPanel Security Team (can execute

arbitraty code)

wwwroot/cgi-bin/awstats.pl

@@ -17145,7 +17145,6 @@ sub HTMLMainExtra{
 
 	if ( $QueryString =~ /config=([^&]+)/i ) { 
 		$SiteConfig = &Sanitize("$1");
-		$SiteConfig =~ s/\.\.//g; 		# Avoid directory transversal
 	}
 	if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; }
 	if ( $QueryString =~ /pluginmode=([^&]+)/i ) {
@@ -17191,10 +17190,13 @@ sub HTMLMainExtra{
 	# If migrate
 	if ( $QueryString =~ /(^|-|&|&)migrate=([^&]+)/i ) {
 		$MigrateStats = &Sanitize("$2");
+
 		$MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/;
-		$SiteConfig = $5 ? $5 : 'xxx';
+		$SiteConfig = &Sanitize($5 ? $5 : 'xxx');
 		$SiteConfig =~ s/^\.//;    # SiteConfig is used to find config file
 	}
+
+	$SiteConfig =~ s/\.\.//g; 		# Avoid directory transversal
 }
 else {                             # Run from command line
 	$DebugMessages = 1;
@@ -17204,9 +17206,10 @@ sub HTMLMainExtra{
 
 		# If migrate
 		if ( $ARGV[$_] =~ /(^|-|&|&)migrate=([^&]+)/i ) {
-			$MigrateStats = "$2";
+			$MigrateStats = &Sanitize("$2");
+
 			$MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/;
-			$SiteConfig = $5 ? $5 : 'xxx';
+			$SiteConfig = &Sanitize($5 ? $5 : 'xxx');
 			$SiteConfig =~ s/^\.//;    # SiteConfig is used to find config file
 			next;
 		}
@@ -17235,7 +17238,6 @@ sub HTMLMainExtra{
 
 	if ( $QueryString =~ /config=([^&]+)/i ) { 
 		$SiteConfig = &Sanitize("$1"); 
-		$SiteConfig =~ s/\.\.//g; 
 	}
 	if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; }
 	if ( $QueryString =~ /pluginmode=([^&]+)/i ) {
@@ -17301,6 +17303,8 @@ sub HTMLMainExtra{
 		$ShowDirectOrigin = 1;
 		$QueryString =~ s/showdirectorigin[^&]*//i;
 	}
+
+	$SiteConfig =~ s/\.\.//g; 
 }
 if ( $QueryString =~ /(^|&|&)staticlinks/i ) {
 	$StaticLinks = "$PROG.$SiteConfig";