Description

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

Remediation

References

CVE-2001-0042

Related Vulnerabilities

WordPress Plugin Flip Slideshow Cross-Site Scripting (2.2)

MediaWiki Other Vulnerability (CVE-2005-1245)

WordPress Plugin Captcha by BestWebSoft Cross-Site Scripting (4.2.9)

Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-0361)

Severity

Medium

Classification

CVE-2001-0042

Tags

Missing Update Known Vulnerabilities