CVE-1999-1051
Matt Wright Formhandler Cgi — NVD-CWE-Other
- Published: 1999-11-16T05:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- Vendors: Matt Wright
- Products: Formhandler Cgi
- CWE: NVD-CWE-Other
CVE-1999-1051 — Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter. [Weakness: NVD-CWE-Other]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No items for this vendor.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
🧠 Explainer: What this vulnerability means
Summary: Formhandler Cgi from Matt Wright is impacted (CWE: unspecified).
Impact: It may allow privilege escalation, data exposure, or service interruption.
Mitigation: Upgrade immediately to the remediated release and follow vendor hardening guidance.
- http://www.securityfocus.com/archive/1/34939 [Exploit, Vendor Advisory]
- http://www.securityfocus.com/archive/1/34939 [Exploit, Vendor Advisory]