Description
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Remediation
References
Related Vulnerabilities
WordPress Plugin PDW Media File Browser 'upload.php' Arbitrary File Upload (1.1)
WordPress Plugin Zingiri Web Shop Multiple Cross-Site Scripting Vulnerabilities (2.4.1)
WordPress Plugin RestroPress-Online Food Ordering System Security Bypass (2.8.3)
WordPress Resource Management Errors Vulnerability (CVE-2014-5266)