Description
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (3.2.12)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933)
Joomla! Core Security Bypass (2.5.0 - 3.9.18)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0372)