2 matches found
RATELIMITED: Apache mod_negotiation filename bruteforcing https://api.ratelimited.me
The Apache modnegotiation module allowed for filename bruteforcing and information disclosure through a 406 Not Acceptable error response. This vulnerability has been fixed by disabling the MultiViews directive in Apache's configuration file and restarting the server...
Cloudflare: Apache mod_negotiation filename bruteforcing
Vulnerability description modnegotiation is an Apache module responsible for selecting the document that best matches the clients capabilities, from one of several available documents. If the client provides an invalid Accept header, the server will respond with a 406 Not Acceptable error...