Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514)

Description

Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.

Remediation

References

Related Vulnerabilities

Oracle Database Server CVE-2011-3525 Vulnerability (CVE-2011-3525)

WordPress Plugin Auto Group Join Cross-Site Scripting (1.0)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961)

WordPress Plugin Twitter Button by BestWebSoft Cross-Site Request Forgery (2.14)

SharePoint URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1323)

Severity

Medium

Classification

CVE-2007-6514 CWE-200

Tags

Missing Update Known Vulnerabilities