The mod_security2 module prior to 2.7.0 for the Apache HTTP Server allows remote malicious users to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trustwave modsecurity |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 12.2 |
||
opensuse opensuse 12.3 |
||
fedoraproject fedora 18 |