CVE-1999-1051

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Nov 16, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1051 is a vulnerability affecting Matt Wright FormHandler.cgi script. The default configuration of this script permits the use of arbitrary directories for file attachments, with the only restriction being access to the /etc/ directory. This misconfiguration enables remote attackers to read arbitrary files by manipulating the 'reply_message_attach' parameter in their attachment upload, posing a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlTuk
https://www.cve.org/CVERecord?id=CVE-1999-1051
https://nvd.nist.gov/vuln/detail/CVE-1999-1051

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-1999-1051

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations