Description

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Remediation

References

CVE-2001-0108

Related Vulnerabilities

Perl Improper Certificate Validation Vulnerability (CVE-2023-31484)

Moodle Improper Input Validation Vulnerability (CVE-2018-1137)

WordPress Plugin WordPress OpenID Connect Client Cross-Site Scripting (2.1.4)

Jenkins Resource Management Errors Vulnerability (CVE-2014-3661)

WordPress Plugin Process Steps Template Designer Cross-Site Request Forgery (1.2.1)

Severity

Medium

Classification

CVE-2001-0108

Tags

Missing Update Known Vulnerabilities