Description
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce PayU India (PayUmoney-PayUbiz) Parameter Tampering (2.1.1)
WordPress Plugin WP Custom Fields Search Cross-Site Scripting (1.2.34)
WordPress Plugin ARI Adminer-WordPress Database Manager Cross-Site Request Forgery (1.1.13)
PHP NULL Pointer Dereference Vulnerability (CVE-2018-10548)
WordPress Plugin Parcel Tracker eCourier Cross-Site Request Forgery (1.0.1)