Summary
The remote web server contains a PHP script that is prone to information disclosure.
Description :
The script 'basilix.php3' is installed on the remote web server. Some versions of this webmail software allow the users to read any file on the system with the permission of the webmail software, and execute any PHP.
Solution
Update Basilix or remove DUMMY from lang.inc.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2001-1045 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts Cross Site Scripting Vulnerability
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability