Basilix: >> Basilix Webmail >> 1.1.0 Security Vulnerabilities
Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) BSX_LIBDIR parameter in scripts in /files/ including (a) abook.php3, (b) compose-attach.php3, (c) compose-menu.php3, (d) compose-new.php3, (e) compose-send.php3, (f) folder-create.php3, (g) folder-delete.php3, (h) folder-empty.php3, (i) folder-rename.php3, (j) folders.php3, (k) mbox-action.php3, (l) mbox-list.php3, (m) message-delete.php3, (n) message-forward.php3, (o) message-header.php3, (p) message-print.php3, (q) message-read.php3, (r) message-reply.php3, (s) message-replyall.php3, (t) message-search.php3, or (u) settings.php3; and the (2) BSX_HTXDIR parameter in (v) files/login.php3.
CVSS Score
5.1
EPSS Score
0.11
Published
2006-10-05
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
CVSS Score
6.8
EPSS Score
0.007
Published
2002-12-31
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVSS Score
6.4
EPSS Score
0.003
Published
2002-12-31
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
CVSS Score
3.6
EPSS Score
0.001
Published
2002-12-31
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
CVSS Score
2.1
EPSS Score
0.002
Published
2002-12-31