Weak default configuration, protection bypass, CGI execution in server's content.
vulners.com/securityvulns/securityvulns:doc:3544