Description
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2494 Vulnerability (CVE-2019-2494)
MySQL CVE-2014-6495 Vulnerability (CVE-2014-6495)
Oracle Database Server CVE-2006-1870 Vulnerability (CVE-2006-1870)
WordPress Plugin Question and Answer Forum 'title' Variable Cross-Site Scripting (1.2.4)
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)