cbcvebase.
CVE-2001-1044
published 2001-01-11

CVE-2001-1044: Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows…

PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
6.94%
93.3th percentile
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.

Affected

1 ranges
VendorProductVersion rangeFixed in
basilixbasilix_webmail
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.