Description
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Remediation
References
Related Vulnerabilities
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825)
phpMyAdmin CVE-2016-6618 Vulnerability (CVE-2016-6618)
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)
Oracle Database Server Other Vulnerability (CVE-2007-3856)
Squid Improper Input Validation Vulnerability (CVE-2016-4555)