Description

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Remediation

References

CVE-2001-0108

Related Vulnerabilities

WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1)

MySQL CVE-2016-3452 Vulnerability (CVE-2016-3452)

WordPress Plugin Gallery for Social Photo Cross-Site Request Forgery (1.0.0.27)

WordPress Plugin Flog Cross-Site Scripting (0.1)

MySQL CVE-2024-20965 Vulnerability (CVE-2024-20965)

Severity

Medium

Classification

CVE-2001-0108

Tags

Missing Update Known Vulnerabilities