Description
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin BePro Listings Arbitrary File Upload (2.2.0020)
Internet Information Services CVE-2001-0146 Vulnerability (CVE-2001-0146)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6752)
WordPress Plugin Bitcoin/Altcoin Faucet Cross-Site Request Forgery (1.6.0)
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)