Description
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
Oracle Application Server CVE-2008-1824 Vulnerability (CVE-2008-1824)
Jetty CVE-2020-27218 Vulnerability (CVE-2020-27218)
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25)
WordPress Plugin WP eCommerce Multiple Vulnerabilities (3.9.1)