Description
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-1048)
Apache Tomcat version older than 7.0.21
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
WordPress Plugin Restricted Site Access Security Bypass (7.3.1)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2642)