Vulnerabilities > Basilix

DATE CVE VULNERABILITY TITLE RISK
2006-10-05 CVE-2006-5167 Remote File Include vulnerability in BasiliX
Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) BSX_LIBDIR parameter in scripts in /files/ including (a) abook.php3, (b) compose-attach.php3, (c) compose-menu.php3, (d) compose-new.php3, (e) compose-send.php3, (f) folder-create.php3, (g) folder-delete.php3, (h) folder-empty.php3, (i) folder-rename.php3, (j) folders.php3, (k) mbox-action.php3, (l) mbox-list.php3, (m) message-delete.php3, (n) message-forward.php3, (o) message-header.php3, (p) message-print.php3, (q) message-read.php3, (r) message-reply.php3, (s) message-replyall.php3, (t) message-search.php3, or (u) settings.php3; and the (2) BSX_HTXDIR parameter in (v) files/login.php3.
network
high complexity
basilix
5.1
2002-12-31 CVE-2002-1711 Unspecified vulnerability in Basilix Webmail 1.1.0
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
local
low complexity
basilix
2.1
2002-12-31 CVE-2002-1710 Unspecified vulnerability in Basilix Webmail 1.1.0
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from an HTTP POST, which could allow local users to steal sensitive information like a password file.
local
low complexity
basilix
3.6
2002-12-31 CVE-2002-1709 SQL Injection vulnerability in Basilix Webmail 1.1.0
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
network
low complexity
basilix
6.4
2002-12-31 CVE-2002-1708 Unspecified vulnerability in Basilix Webmail 1.1.0
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
network
basilix
6.8
2001-07-06 CVE-2001-1045 Unspecified vulnerability in Basilix Webmail 1.02Beta/1.03Beta
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
basilix
5.0
2001-01-11 CVE-2001-1044 Unspecified vulnerability in Basilix Webmail 0.9.7Beta
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allow remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
network
low complexity
basilix
7.5