Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as >, which causes a different filename to be processed and served.
Affected Apache versions (up to 2.0.43).
- Upgrade Apache 2.x to the latest version.
- Stack Trace Disclosure (Ruby)
- Rsh service running
- WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)
- WordPress Plugin Email Subscribers & Newsletters Multiple Vulnerabilities (2.9)
- WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0)