CVE-1999-0887

FTGate web interface server - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0887. PoCs published by Marc.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in Floosietek's FTGate mail server. The vulnerability allows remote attackers to read arbitrary files on the server by manipulating the URL path.

Description

FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Marc · textremotemultiple

https://www.exploit-db.com/exploits/19223

View Code ZIP pw:eip

This is a writeup describing a directory traversal vulnerability in Floosietek's FTGate mail server. The vulnerability allows remote attackers to read arbitrary files on the server by manipulating the URL path.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Floosietek FTGate (version not specified)

No auth needed

Prerequisites: Network access to the FTGate web interface · Knowledge of target file paths

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources third-party-advisory x_refsource_eeye

http://www.eeye.com/html/Research/Advisories/AD05261999.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/1137

Scores

EPSS 0.0577

EPSS Percentile 92.1%

Details

Status published

Products (1)

floosietek/ftgate 2.1

Published Nov 04, 1999

Tracked Since Feb 18, 2026