CVE-1999-1177

Name of the Vulnerable Software and Affected Versions nph-publish versions prior to 1.2

Description The issue allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation. This is due to a directory traversal vulnerability.

Recommendations For versions prior to 1.2, update to version 1.2 or later to resolve the issue. As a temporary workaround, consider restricting upload operations to prevent exploitation.