Description
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Remediation
References
Related Vulnerabilities
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5270)
Oracle JRE CVE-2018-2618 Vulnerability (CVE-2018-2618)
WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3)
WordPress Plugin Visual Form Builder Multiple Cross-Site Scripting Vulnerabilities (2.8.6)