68 matches found
CVE-2001-1045
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. dot dot in the requestidDUMMY parameter...
Basilix Webmail 1.0 - File Disclosure
Basilix Webmail 1.0 - File Disclosure source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as...
Basilix Webmail 1.0 - File Disclosure
source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as the filename that can be supplied...
Basilix Webmail .class / .inc Direct Request Remote Information Disclosure
It is possible to download the include files on the remote BasiliX webmail service. An attacker may use these to obtain the MySQL authentication credentials. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10601;...
Basilix Webmail System *.class *.inc Permission Vulnerability
--------------------------------------------------- tamersahin.net Security Solutions Announcement --------------------------------------------------- Basilix Webmail System .class .inc Permission Vulnerability Release Date: January 12, 2001 Version Affected: Basilix Webmail System 0.9.7beta...
CVE-2001-1044
Basilix Webmail 0.9.7beta, and possibly other versions, stores .class and .inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file...
Basilix Webmail 0.9.7 - Incorrect File Permissions
Basilix Webmail 0.9.7 - Incorrect File Permissions source: https://www.securityfocus.com/bid/2198/info A vulnerability has been reported in basilix webmail v. 0.9.7b. Basilix Webmail ships with several configuration files that have the file extensions '.class' and '.inc'. Among other things, thes...
Basilix Webmail 0.9.7 - Incorrect File Permissions
source: https://www.securityfocus.com/bid/2198/info A vulnerability has been reported in basilix webmail v. 0.9.7b. Basilix Webmail ships with several configuration files that have the file extensions '.class' and '.inc'. Among other things, these files contain the authentication information for...