Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-0264. PoCs published by Dennis Moore.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Miva's htmlscript CGI program prior to version 2.9932. An attacker can read arbitrary files by appending relative paths to the URL, leveraging insufficient path sanitization.
Description
htmlscript CGI program allows remote read access to files.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Dennis Moore · textremotecgi
https://www.exploit-db.com/exploits/20434
The exploit describes a directory traversal vulnerability in Miva's htmlscript CGI program prior to version 2.9932. An attacker can read arbitrary files by appending relative paths to the URL, leveraging insufficient path sanitization.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Miva htmlscript < 2.9932
No auth needed
Prerequisites:
Access to the vulnerable CGI script via HTTP
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0264
Scores
EPSS
0.0585
EPSS Percentile
92.3%
Details
Status
published
Products (1)
miva/htmlscript
Published
Jan 27, 1998
Tracked Since
Feb 18, 2026