CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1CVE-2000-0411 – Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure
https://notcve.org/view.php?id=CVE-2000-0411
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. • https://www.exploit-db.com/exploits/19906 http://archives.neohapsis.com/archives/bugtraq/2000-05/0125.html http://www.perfectotech.com/blackwatchlabs/vul5_10.html http://www.securityfocus.com/bid/1187 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-1999-1051
https://notcve.org/view.php?id=CVE-1999-1051
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter. • http://www.securityfocus.com/archive/1/34939 •
CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 4CVE-1999-1050 – Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment
https://notcve.org/view.php?id=CVE-1999-1050
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template. • https://www.exploit-db.com/exploits/19620 http://www.securityfocus.com/archive/1/34600 http://www.securityfocus.com/archive/1/34939 http://www.securityfocus.com/bid/798 http://www.securityfocus.com/bid/799 https://exchange.xforce.ibmcloud.com/vulnerabilities/3550 •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 1CVE-1999-0953 – WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure
https://notcve.org/view.php?id=CVE-1999-0953
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. • https://www.exploit-db.com/exploits/3065 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0953 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-1999-0954
https://notcve.org/view.php?id=CVE-1999-0954
WWWBoard has a default username and default password. • http://www.securityfocus.com/bid/649 •