Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as >, which causes a different filename to be processed and served.
Affected Apache versions (up to 2.0.43).
- Upgrade Apache 2.x to the latest version.
- WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.21)
- WordPress Plugin KittyCatfish Ads by Missilesilo SQL Injection (2.2)
- WordPress Plugin Product Catalog Unspecified Vulnerability (3.1.3)
- WordPress Plugin WP-Stats Multiple Vulnerabilities (2.51)
- WordPress Plugin IP Blacklist Cloud Arbitrary File Disclosure (3.42)