Description
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2016-4072)
WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.15.11)
WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382)
Lighttpd Resource Management Errors Vulnerability (CVE-2010-0295)
WordPress Plugin Chat-Support Board-WordPress Chat Multiple SQL Injection Vulnerabilities (3.3.3)