Description
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Remediation
References
Related Vulnerabilities
Ruby on Rails CVE-2021-22902 Vulnerability (CVE-2021-22902)
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)
WordPress Plugin WP Mail Log Cross-Site Scripting (1.1.1)
WordPress Plugin Cryptocurrency Widgets-Price Ticker & Coins List Security Bypass (2.4)
WordPress Plugin RSS Post Importer Cross-Site Scripting (2.2.1)