CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-1999-1050

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.048

EPSS Ranking 89.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.securityfocus.com/archive/1/34600
http://www.securityfocus.com/archive/1/34939
http://www.securityfocus.com/bid/798
http://www.securityfocus.com/bid/799
https://exchange.xforce.ibmcloud.com/vulnerabilities/3550
http://www.securityfocus.com/archive/1/34600
http://www.securityfocus.com/archive/1/34939
http://www.securityfocus.com/bid/798
http://www.securityfocus.com/bid/799
https://exchange.xforce.ibmcloud.com/vulnerabilities/3550

Products affected by CVE-1999-1050

Matt Wright » Formhandler.cgi » Version: 1.0

cpe:2.3:a:matt_wright:formhandler.cgi:1.0
Matt Wright » Formhandler.cgi » Version: 2.0

cpe:2.3:a:matt_wright:formhandler.cgi:2.0
Matt Wright » Formhandler.cgi » Version: 3.0

cpe:2.3:a:matt_wright:formhandler.cgi:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-1999-1050

Products

Pricing

Contact Us