CVE-1999-1377
The CVE-1999-1377 entry concerns Matt Wright’s download.cgi 1.0. The vulnerability arises from a pathname traversal flaw: remote attackers can read arbitrary files by supplying a .. (dot dot) sequence in the f parameter. This indicates a breach of confidentiality via improper input handling in th...