CVSS: 7.5EPSS: 94%CPEs: 2EXPL: 5CVE-1999-1053 – The Matt Wright Guestbook.pl - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-1999-1053
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->". • https://www.exploit-db.com/exploits/16914 https://www.exploit-db.com/exploits/9907 https://github.com/siunam321/CVE-1999-1053-PoC http://www.securityfocus.com/archive/1/33674 http://www.securityfocus.com/archive/82/27296 http://www.securityfocus.com/archive/82/27560 http://www.securityfocus.com/bid/776 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-1999-1377
https://notcve.org/view.php?id=CVE-1999-1377
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. • http://pulhas.org/phrack/55/P55-07.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0930
https://notcve.org/view.php?id=CVE-1999-0930
wwwboard allows a remote attacker to delete message board articles via a malformed argument. • http://www.securityfocus.com/bid/1795 http://www.worldwidemart.com/scripts/faq/wwwboard/q5.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/2344 •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1CVE-1999-1479 – textcounter.pl 1.2 - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-1999-1479
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. • https://www.exploit-db.com/exploits/20583 http://www.securityfocus.com/archive/1/9609 http://www.securityfocus.com/bid/2265 https://exchange.xforce.ibmcloud.com/vulnerabilities/2052 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-1999-0173 – Matt Wright FormMail 1.x - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-1999-0173
FormMail CGI program can be used by web servers other than the host server that the program resides on. • https://www.exploit-db.com/exploits/20486 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173 •