CVE-1999-1153

CVE-1999-1153 affects HAMcards Postcard CGI script 1.0. The vulnerability allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the recipient email address, enabling potentially partial confidentiality, integrity, and availability impact. The CVSS score (2.0) ...

CVE-1999-1278

nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via 1 nlog-smb.pl or 2 rpc-nlog.pl...

CVE-1999-1070

The CVE-1999-1070 entry describes a buffer overflow in the ping CGI program of Xylogics Annex terminal service, allowing remote denial of service via a long query parameter. Public sources in the connected docs verify the affected component as the ping CGI script and the root cause as a buffer ov...

CVE-1999-1357

CVE-1999-1357 affects Netscape Communicator 4.04–4.7 on UNIX, where 0x8b is mapped to ‘’, enabling cross-site scripting via CGI scripts that fail to filter these characters. The description does not specify affected versions beyond those, nor the root cause beyond character mapping in HTML contex...

CVE-1999-1381

Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands...

CVE-1999-1436

Ray Chan WWW Authorization Gateway 0.1 CGI program is affected by a remote command execution vulnerability: an attacker can supply shell metacharacters in the "user" parameter to execute arbitrary commands. The available sources corroborate this description across CVE registries, but do not provi...

CVE-1999-1412

CVE-1999-1412 describes a DoS risk from an interaction between MacOS X 1.0 and Apache HTTP server, where a flood of HTTP GET requests to CGI programs can spawn many processes on affected systems. Connected sources provide concrete details indicating the issue relates to the Apache httpd component...

CVE-1999-1070

Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter...

CVE-1999-1154

LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...

CVE-1999-1278

CVE-1999-1278 affects the nlog CGI scripts where the IP address argument is not properly filtered for shell metacharacters. This enables remote attackers to execute commands via two scripts: (1) nlog-smb.pl and (2) rpc-nlog.pl. The description does not provide additional details on affected versi...

CVE-1999-1155

LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...

CVE-1999-1179

CVE-1999-1179 describes a vulnerability in the included man.sh CGI script from SysAdmin Magazine (May 1998) that allows remote attackers to execute arbitrary commands. The NVD notes a CVSSv2 base score of 7.5 (HIGH) with AV:N/AC:L/Au:N/C:P/I:P/A:P. The entry lists no exploitation status and provi...

CVE-1999-1250

The CVE-1999-1250 entry describes a vulnerability in the CGI component of the Lasso application by Blue World (used on WebSTAR and other servers). The flaw allows remote attackers to read arbitrary files via the CGI program. The provided sources confirm the affected product and the impact (unauth...

CVE-1999-1381

The CVE covers a buffer overflow in the dbadmin CGI program 1.0.1 on Linux, enabling remote command execution. The available sources state this vulnerability allows arbitrary commands to be executed by an unauthenticated attacker over the network. No remediation or patch details are provided in t...

CVE-1999-1469

The vulnerability CVE-1999-1469 stems from a buffer overflow in the w3-auth CGI program within the miniSQL package. An attacker can remotely execute arbitrary commands by sending an HTTP request with a long URL or a long User-Agent header. The CVSS data indicates a network attack vector with low ...

CVE-1999-1155

CVE-1999-1155 affects the LakeWeb Mail List CGI script, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the recipient email address. The description specifies a remote command execution risk with network access and no authentication. No explicit patch ...

CVE-1999-1462

Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files...

CVE-1999-1462

The CVE-1999-1462 issue affects the Big Brother bb-hist.sh History module, specifically in Big Brother 1.09b and 1.09c. The vulnerability is a directory traversal flaw exposed through the HISTFILE parameter of the bb-hist.sh CGI, allowing a remote attacker to read arbitrary files on the affected ...

CVE-1999-1063

CDomain whoisraw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter...

CVE-1999-1469

Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with 1 a long URL, or 2 a long User-Agent MIME header...