CVE-1999-1050

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Nov 12, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1050 is a directory traversal vulnerability affecting the Matt Wright FormHandler.cgi script. An attacker can exploit this flaw by manipulating the "reply_message_attach" attachment parameter with a ".." (dot dot) input, enabling them to read arbitrary files in the system. Alternatively, they can use a filename as a template to traverse directories and potentially gain unauthorized access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlSis
https://www.cve.org/CVERecord?id=CVE-1999-1050
https://nvd.nist.gov/vuln/detail/CVE-1999-1050

Back to Vulnerability Database

CVE-1999-1050

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations