Description
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
Remediation
References
Related Vulnerabilities
WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.23)
WordPress Plugin Acumbamail Information Disclosure (1.0.4)
WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.1)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.5)
Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)