This version of Apache on Windows is vulnerable to a directory traversal attack.The issue is related to the failure to properly process the backslash '\' character, which may be used as a directory delimiter.
Affected Apache versions (up to 2.0.38).
- Upgrade Apache 2.x to the latest version.
- WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)
- WordPress Plugin WooCommerce Potential PHP Object Injection (3.4.4)
- WordPress Plugin WP Clone by WP Academy Cross-Site Scripting (2.1.1)
- WordPress Plugin WatuPRO SQL Injection (220.127.116.11)
- WordPress Plugin Disable Comments Cross-Site Scripting (1.3)