Description
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Remediation
References
Related Vulnerabilities
WordPress Plugin Handsome Testimonials & Reviews SQL Injection (2.0.7)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27)
WordPress Plugin Woocommerce Aliexpress Dropshipping Lite PHP Object Injection (1.0.1)
Magento Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2019-8154)