CVE-1999-1050
Matt Wright FormHandler.cgi - Directory Traversal via Attachment Parameter or Template Filename
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-1050. PoCs published by m4rcyS.
AI-analyzed exploit summary This exploit leverages a directory traversal vulnerability in FormHandler.cgi to read arbitrary files by manipulating the 'reply_message_attach' parameter. The default configuration allows access to any file, including sensitive ones like /etc/passwd, due to improper path validation.
Description
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.
Exploits (1)
This exploit leverages a directory traversal vulnerability in FormHandler.cgi to read arbitrary files by manipulating the 'reply_message_attach' parameter. The default configuration allows access to any file, including sensitive ones like /etc/passwd, due to improper path validation.