Description
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
Remediation
References
Related Vulnerabilities
WordPress Plugin Startklar Elementor Addons Arbitrary File Upload (1.7.13)
WordPress Plugin School Management System-WPSchoolPress Multiple Vulnerabilities (2.1.9)
WordPress Plugin Spiffy XSPF Player SQL Injection (0.1)
SugarCRM Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3803)