Description
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Remediation
References
Related Vulnerabilities
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-7525)
WordPress Plugin Acumbamail Information Disclosure (1.0.4)
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)
WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)
WordPress Improper Input Validation Vulnerability (CVE-2020-28037)