Description
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
Remediation
References
Related Vulnerabilities
Joomla Improper Authentication Vulnerability (CVE-2017-16634)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630)
Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900)
WordPress Plugin Car Rental System SQL Injection (3.0)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5320)