Description
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post to CSV by BestWebSoft Cross-Site Scripting (1.3.0)
WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (5.0.12)
WordPress Plugin CMS Press Cross-Site Scripting (0.2.3)
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.5)
WordPress Plugin Twenty20 Image Before-After Malicious Code (1.6.3)