Basilix : Security Vulnerabilities, CVEs, CVSS score >= 6
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
Max CVSS
6.4
EPSS Score
0.42%
Published
2002-12-31
Updated
2017-07-11
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
Max CVSS
6.8
EPSS Score
0.71%
Published
2002-12-31
Updated
2017-07-11
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
Max CVSS
7.5
EPSS Score
2.81%
Published
2001-01-11
Updated
2017-12-19
3 vulnerabilities found