Description

Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.

Remediation

References

CVE-2001-1072

Related Vulnerabilities

WordPress Plugin Image Source Control Security Bypass (2.3.0)

Mailman Other Vulnerability (CVE-2002-0855)

WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Scripting (1.8.1)

Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)

WordPress Plugin Esponce QR Code Generator Cross-Site Scripting (1.4)

Severity

Medium

Classification

CVE-2001-1072

Tags

Missing Update Known Vulnerabilities