Description
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Remediation
References
Related Vulnerabilities
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)
WordPress Plugin NewStatPress Multiple Vulnerabilities (0.9.8)
Django Incorrect Regular Expression Vulnerability (CVE-2018-7536)
WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)
WordPress Plugin WatchMan-Site7 Cross-Site Request Forgery (3.0.2)