CVE-1999-0935

CVSS 2.0 Score 10 of 10 (high)

Details

Published Dec 15, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0935 is a vulnerability affecting the classifieds.cgi application. This issue permits remote attackers to execute arbitrary commands by inputting them into a hidden variable within a CGI form. An attacker can exploit this flaw to gain unauthorized access or take control of the affected system, leading to potential data theft or system damage. The vulnerability underscores the importance of validating and sanitizing user input to protect against remote command injection attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlRac
https://www.cve.org/CVERecord?id=CVE-1999-0935
https://nvd.nist.gov/vuln/detail/CVE-1999-0935

Back to Vulnerability Database

CVE-1999-0935

CVSS 2.0 Score 10 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations