This alert was generated using only banner information. It may be a false positive.
Fixed in Apache httpd 2.2.9:
low: mod_proxy_balancer CSRF CVE-2007-6420
The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks.
moderate: mod_proxy_http DoS CVE-2008-2364
A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.
Affected Apache versions (2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).
- low: mod_proxy_balancer CSRF CVE-2007-6420
- Upgrade Apache 2.x to the latest version.
- WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.1.02)
- WordPress Plugin WooCommerce Product Addons Arbitrary File Upload (1.1)
- WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Security Bypass (7.10.6)
- WordPress Plugin XCloner-Backup and Restore Arbitrary File Deletion (3.1.4)
- WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.5)