Vulnerability Details CVE-2001-1045
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.086
EPSS Ranking 92.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0114.html
- http://www.securityfocus.com/bid/2995
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6873
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0114.html
- http://www.securityfocus.com/bid/2995
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6873
Products affected by CVE-2001-1045
-
cpe:2.3:a:basilix:basilix_webmail:1.02_beta
-
cpe:2.3:a:basilix:basilix_webmail:1.03_beta