Matt Wright » Formhandler.cgi : Security Vulnerabilities, CVEs, CVSS score >= 3

CVE-1999-1051

Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
Max CVSS
5.0
EPSS Score
0.81%
Published
1999-11-16
Updated
2008-09-05

CVE-1999-1050

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.
Max CVSS
5.0
EPSS Score
1.99%
Published
1999-11-12
Updated
2017-12-19
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close