Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment

source: https://www.securityfocus.com/bid/799/info Any file that the FormHandler.cgi has read access to the cgi is typically run as user 'nobody' on Unix systems can be specified as an attachment in a reply email. This could allow an attacker to gain access to sensitive files such as /etc/passwd...