Description

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

Remediation

References

CVE-2001-0042

Related Vulnerabilities

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)

WebLogic CVE-2016-0638 Vulnerability (CVE-2016-0638)

RubyGems Other Vulnerability (CVE-2012-2125)

Moodle CVE-2018-1043 Vulnerability (CVE-2018-1043)

WordPress Plugin myLinksDump 'url' Parameter SQL Injection (1.2)

Severity

Medium

Classification

CVE-2001-0042

Tags

Missing Update Known Vulnerabilities