Description

Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.

Remediation

References

CVE-2001-1072

Related Vulnerabilities

WordPress Plugin Import Spreadsheets from Microsoft Excel Arbitrary File Upload (10.1.4)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.21)

WordPress Plugin Cryptocurrency Donation Box-Bitcoin & Crypto Donations Security Bypass (1.7)

WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13)

Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)

Severity

Medium

Classification

CVE-2001-1072

Tags

Missing Update Known Vulnerabilities