2 matches found
CVE-1999-1051
The CVE-1999-1051 entry concerns the Matt Wright FormHandler.cgi script. A default configuration allows arbitrary directories to be used for attachments, with access only restricted to /etc/; this enables remote attackers to read arbitrary files via the reply_message_attach parameter. The NVD met...
CVE-1999-1051
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the replymessageattach attachment parameter...