Description

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Remediation

References

CVE-2001-0108

Related Vulnerabilities

WordPress Plugin HandL UTM Grabber Security Bypass (2.6.4)

WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)

WebLogic Improper Input Validation Vulnerability (CVE-2020-10693)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131)

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12616)

Severity

Medium

Classification

CVE-2001-0108

Tags

Missing Update Known Vulnerabilities