Description

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Remediation

References

CVE-2001-0108

Related Vulnerabilities

WordPress Plugin Local Market Explorer 'api-key' Parameter Cross-Site Scripting (3.1.1)

Oracle JRE CVE-2020-2757 Vulnerability (CVE-2020-2757)

WordPress Plugin Special Text Boxes Arbitrary File Upload (5.1.90)

MySQL CVE-2017-3634 Vulnerability (CVE-2017-3634)

WordPress Plugin WP Unique Article Header Image Cross-Site Request Forgery (1.0)

Severity

Medium

Classification

CVE-2001-0108

Tags

Missing Update Known Vulnerabilities