stat.php in PHP Web Statistik 1.4 allows remote attackers to cause a denial of service (CPU consumption) via a large lastnumber value.
https://exchange.xforce.ibmcloud.com/vulnerabilities/23384
http://www.vupen.com/english/advisories/2005/2645
http://www.ush.it/2005/11/19/php-web-statistik/
http://secunia.com/advisories/17789
http://freewebstat.com/changelog-english.html
http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00325.html