Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as >, which causes a different filename to be processed and served.
Affected Apache versions (up to 2.0.43).
- Upgrade Apache 2.x to the latest version.
- WordPress Plugin Adavnced Video embed Local File Inclusion (1.0)
- Credit card number disclosed
- WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.18)
- WordPress Plugin Custom Post Types and Custom Fields creator-WCK Multiple Unspecified Vulnerabilities (1.2.9)
- WordPress Plugin Media File Renamer Cross-Site Scripting (1.7.0)