Description
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2007-0280 Vulnerability (CVE-2007-0280)
WordPress Plugin FormCraft-Contact Form Builder SQL Injection (1.0.5)
MySQL CVE-2015-2661 Vulnerability (CVE-2015-2661)
WordPress Plugin GS Insever Portfolio Cross-Site Scripting (1.4.4)
WordPress Plugin RK Responsive Contact Form SQL Injection (1.0.0)