Description

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

Remediation

References

CVE-2001-0042

Related Vulnerabilities

WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.6)

Magento Session Fixation Vulnerability (CVE-2019-7849)

WordPress Plugin Child Themes Helper Multiple Vulnerabilities (2.0)

MySQL CVE-2021-2038 Vulnerability (CVE-2021-2038)

WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)

Severity

Medium

Classification

CVE-2001-0042

Tags

Missing Update Known Vulnerabilities