Description
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Super Cache Remote Code Execution (1.7.1)
WordPress Plugin Ad Buttons Multiple Vulnerabilities (2.3.1)
Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266)
WordPress Plugin WPFront Notification Bar Cross-Site Scripting (1.9.1.04012)
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (3.8.7)